Cyber security news for all

More

    Ghimob trojan attacks mobile phone users

    The new trojan Ghimob tries to lure victims into installing the malware documents stating that they are in debt. The documents contain a link that supposedly leads to further data. As soon as the trojan is installed, it sends a message to the server about the successful hack. This contains data about the phone, whether it has a lock screen and installed applications that could be hacked.

    Ghimob Can Spy On 153 Different Apps

    These apps are mainly from companies and stock exchanges. Ghimob is a spy that his victim carries around with him all the time. The hackers can remotely access the device and carry out fraudulent information. By using the victim’s phone, they can avoid institutions and their networks from recognizing them, identifying them and taking security measures. Even if the user uses a lock screen pattern, Ghimob is able to install and play it to unlock the device.

    Ghimob
    Same link, different files: ZIP for Windows, APK for Android

    When conducting a transaction, the hackers could display a screen overlay or open some pages. The malware is carried out in the background while the users are looking at their screen. Finance programs that are already open or logged in and that are installed on the device are used.

    The desire of the cyber attackers for a banking malware with worldwide reach has a long history. Security researchers have already identified some hacker groups, who were heavily geared towards the Brazilian companies. In fact, Ghimob is the first mobile trojan in Brazil ready for global expansion. Experts think this new campaign can be linked to the threat for a well known banking malware. This is particularly indicated by the use of the same infrastructure.

    Ghimob detections: Brazil for now, but ready to expand abroad

    To protect devices from such malicious threats, an endpoint with device features should be used. This ensures that only trusted applications from an approved whitelist can be installed on the devices that have access to company information.

    Recent Articles

    New malware called Egregor is on the rise

    New malware is on the rise. The Egregor malware has only been in active for 2 months, but it is already becoming apparent that...

    Anyone with a smartphone can become a victim of cyber-mobbing

    Cyber-mobbing is becoming a huge risk in the current COVID crisis. According to a study, almost 20 percent of students in Germany are exposed...

    macOS Trojans: Traces lead to Vietnam

    Security researchers have discovered a new macOS Trojans. Behind this could be a well known hacker group that has spied on Vietnamese dissidents in...

    Court forces Tutanota to perform a surveillance function

    Tutanota email only stores its user mails in encrypted form and cannot read them itself. Tutanota is one of the few email providers that...

    Manchester United have been blackmailed by cyber attackers

    The Premier League club Manchester United fell victim to a cyber attack according to the Daily Mail. The cyber criminals are apparently demanding ransom in...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox