A previously unreported Android banking trojan targeting users of the Spanish financial services business BBVA has been spotted in the wild.
The malware, named Revive by Italian cybersecurity firm Cleafy and believed to be in its early stages of development, was first discovered on June 15, 2022, and propagated via phishing operations.
“The name Revive has been chosen since one of the functionality of the malware (called by the [threat actors] precisely ‘revive’) is restarting in case the malware stops working, Cleafy researchers Federico Valentini and Francesco Iubatti said in a Monday write-up.
Downloadable from malicious phishing websites (“bbva.appsecureguide[.]com” or “bbva.european2fa[.]com”) The malware impersonates the bank’s two-factor authentication (2FA) app as a bait to mislead users into installing the software and is reported to be inspired by open-source spyware dubbed Teardroid, with the authors altering the original source code to integrate new features.
In contrast to other banking malware that is known to target a wide range of financial apps, Revive is targeted for a single target, in this case, the BBVA ba
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: