AppLite: A New AntiDot Variant Targeting Mobile Employee Devices

SUMMARY :

A sophisticated Mishing campaign delivers malware to Android devices, enabling credential theft from banking, cryptocurrency, and critical applications. The campaign uses phishing domains to distribute a new variant of the Antidot banking trojan, dubbed AppLite Banker. Attackers pose as recruiters, tricking victims into downloading a malicious app that installs AppLite. The malware can mimic enterprise apps, Chrome, and TikTok, allowing for device takeover and application access. It uses advanced techniques like ZIP manipulation, websocket communication, and overlay attacks to evade detection and steal credentials. AppLite targets users in multiple languages and focuses on banking, cryptocurrency, and finance apps across various countries.

OPENCTI LABELS :

banking trojan,android,applite


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


AppLite: A New AntiDot Variant Targeting Mobile Employee Devices