Alert: New DroidBot Malware Threatens 77 Banking Apps Across Europe

Alert: New DroidBot Malware Threatens 77 Banking Apps Across Europe

Enhanced Summary:

DroidBot: New Android Banking Malware Threat

Key Features:
– Targets 77+ cryptocurrency exchanges and banking apps across Europe
– Operates as Malware-as-a-Service (MaaS) platform
– Monthly subscription cost: $3,000
– Active since June 2024

Technical Capabilities:
– Keylogging
– Fake login page overlays
– SMS/OTP interception
– Remote device control via VNC
– Exploits Android Accessibility Services

Distribution & Impact:
– 776 confirmed infections across UK, Italy, France, Turkey, and Germany
– 17 identified affiliate groups
– Disguises as legitimate apps (Chrome, Play Store, Android Security)
– Targets major platforms including Binance, KuCoin, BBVA, Unicredit, Santander

Security Recommendations:
1. Download apps only from Google Play Store
2. Review app permissions carefully
3. Keep Play Protect active
4. Be wary of Accessibility Service requests

Current Status:
– Under active development
– Expanding to new regions, including Latin America
– Turkish origin developers
– Provides complete infrastructure for affiliates

Share This Article