Android malware BrazKing returns as a stealthier banking trojan
By MYBRANDBOOK
The Android banking trojan BrazKing has returned with dynamic banking overlays and a new implementation trick that allows it to operate without seeking potentially dangerous permissions.
A new malware sample was analyzed by researchers who found it outside the Play Store, on sites where people end up after receiving smishing (SMS) messages. These HTTPS sites warn the prospective victim that they are using an outdated Android version and offer an APK that will allegedly update them to the latest version.
In the previous version, BrazKing abused the accessibility service to detect which app the user opened. When the malware detected the launch of a targeted banking app, it used to pull an overlay screen from a hardcoded URL and present it on top of the legitimate app.
BrazKing no longer uses the ‘getinstalledpackages’ API request as it used to but instead uses the screen dissection feature to view what apps are installed on the infected device. When it comes to overlaying, BrazKing now does it without the ‘System_Alert_Window’ permission, so it can’t overlay a fake screen on top of the original app as other trojans do.
The ability to snatch 2FA codes, credentials, and take screenshots without hoarding permissions makes the trojan a lot more potent than it used to be, so be very careful with APK downloads outside the Play Store.
According to the report, BrazKing appears to be operated by local threat groups, as it is circulating on Portuguese-speaking websites.
Singapore to remove One-Time Passwords from Bank Accounts
According to the Monetary Authority of Singapore, clients who utilise secur...
Is 375 million Airtel subscribers database breached?
When a hacker claims to have accessed and put up for sale a customer databa...
The government of India intends to construct a single portal f
A single portal will be launched by the Indian government to list all of it...
OpenAI offers GPT-4o, a faster model available to all users at
GPT-4o, a faster and more sophisticated AI model, is made available to all...
Icons Of India : MUKESH D. AMBANI
Mukesh Dhirubhai Ambani is an Indian businessman and the chairman and ...
ICONS OF INDIA : RITESH AGARWAL
Ritesh Agarwal is an Indian billionaire entrepreneur and the founder a...
ICONS OF INDIA : ROSHNI NADAR MALHOTRA
Roshni Nadar Malhotra is the Chairperson of HCLTech, a leading global ...
C-DOT - Center of Development of Telematics
India’s premier research and development center focused on telecommu...
CERT-IN - Indian Computer Emergency Response Team
CERT-In is a national nodal agency for responding to computer security...
GeM - Government e Marketplace
GeM is to facilitate the procurement of goods and services by various ...
Indian Tech Talent Excelling The Tech World - Steve Sanghi, Executive Chair, Microchip
Steve Sanghi, the Executive Chair of Microchip Technology, has been a ...
Indian Tech Talent Excelling The Tech World - NEAL MOHAN, CEO - Youtube
Neal Mohan, the CEO of YouTube, has a bold vision for the platform’s...
Indian Tech Talent Excelling The Tech World - Aman Bhutani, CEO, GoDaddy
Aman Bhutani, the self-taught techie and CEO of GoDaddy, oversees a co...