A Network of Harm: Gigabud Threat and Its Associates
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY:
An investigation reveals a significant connection between the Gigabud and SpyNote malware families, which target over 50 financial apps, including banks and cryptocurrency platforms. The campaign uses sophisticated distribution methods, including 11 command-and-control servers and 79 phishing websites impersonating reputable brands. The malware, often protected by the Virbox packer, spreads through deceptive tactics and grants attackers remote control over compromised devices. The operation's global reach is evident: it targets not only Vietnamese entities but also international brands. This coordinated effort shows a shift in focus from government impersonation to directly targeting financial institutions, posing risks to both consumer and corporate applications.
OPENCTI LABELS:
phishing, banking trojan, spynote, cryptocurrency, gigabud, android rat