Evolution of Zanubis, a banking Trojan for Android

SUMMARY :

Zanubis is an evolving Android banking Trojan that emerged in 2022, targeting financial institutions in Peru before expanding to virtual cards and crypto wallets. It impersonates legitimate apps to trick users into granting accessibility permissions, enabling extensive data theft and device control. The malware has undergone significant development, incorporating features like SMS hijacking, screen recording, and device credential stealing. Recent versions show improved obfuscation, encryption, and silent installation techniques. The threat actors, likely based in Peru, continue to refine the malware's capabilities and targeting strategy, focusing on high-value financial targets in the region.

OPENCTI LABELS :

banking trojan,android,credential theft,sms hijacking,zanubis


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


Evolution of Zanubis, a banking Trojan for Android