CySecurity News – Latest Information Security and Hacking Incidents
The ERMAC Android banking virus has been updated to version 2.0, increasing the number of apps targeted from 378 to 467, allowing attackers to steal account passwords and crypto wallets from a much greater number of apps.
Threatfabric researchers found ERMAC in July 2021, notably it is based on the well-known banking trojan Cerberus. Cerberus’ source code was released in September 2020 on underground hacking forums after its operators failed an auction. The trojan’s goal is to send stolen login credentials to threat actors, who then use them to gain access to other people’s banking and cryptocurrency accounts and commit financial or other crimes.
ERMAC is currently available for subscription to members of darknet sites for $5,000 a month, that is a $2k increase over the first release’s price, indicating the boost in features and popularity. A bogus Bolt Food application targeting the Polish market is the first malware campaign to use the new ERMAC 2.0 virus. According to ESET researchers, the threat actors disseminated the Android software by impersonating a reputable European food delivery business on the “bolt-food[.]site” website. This phony website is still active.
Phishing emails, fraudulent social media posts, smishing, malvertising, and other methods are likely to lead users to the false site. If users download the program, they will be confronted with a request for complete ow
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: