Uncovering ICICI Phishing Campaign: New Fraud App Found

NetmanageIT OpenCTI - opencti.netmanageit.com

Uncovering ICICI Phishing Campaign: New Fraud App Found



SUMMARY :

A malicious host mimicking ICICI Bank has been discovered, along with a fraudulent app disguised as ICICI Helpdesk. The phishing domain, cppcccare.com, is hosted on an ASN known for various malicious activities. The fraudulent app, named 'ICICI.apk', is detected as a Trojan Banker, Keylogger, and SMSspy. It's believed to have been operational since August 2024, with a falsely inflated download count of 500K+. The app's description matches other fraudulent apps, indicating a broader phishing campaign. The incident has been reported to the bank, hosting provider, and CERT-IN authorities. The article provides detailed technical information about the malicious domain and app, including file hashes and package details.

OPENCTI LABELS :

trojan,banking,android


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


Uncovering ICICI Phishing Campaign: New Fraud App Found