Friday 7 June 2024, Poradnik bezpieczeństwa

The Trojan impersonates a banking application on your phone


A new threat has been detected, which is a banking trojan that attacks Android users. Discovered by Cyble, the Antidot Trojan pretends to be an application and is distributed through unofficial sources as an "exclusive update" or "special version" of the application. It may also appear in suspicious emails and text messages.

Once installed, the Trojan displays a fake Google Play update page through which the user clicks "Continue" to give the Trojan full access to the device. The malware can then steal your bank login details and private messages.

Antidot uses advanced techniques such as overlay attacks, creating fake websites that look like real banking applications to capture entered passwords and account numbers. In the absence of a fake website, the Trojan uses a keylogger to record all information entered.