MaliBot Steals Credentials, Cryptocurrency from Italian, Spanish Victims
A new strain of Android malware is targeting online banking customers and financial institutions, cybersecurity researchers at F5 Labs say.
Dubbed MaliBot, the banking Trojan steals financial information, credentials, crypto wallets, personal data and cookies; bypasses multi-factor authentication codes; and remotely controls infected devices.
The malware disguises itself as a cryptocurrency mining app and so far has mainly targeted victims in Spain and Italy, a geographic range that’s likely to grow.
It likewise can be used for a wider range of attacks than just stealing credentials and cryptocurrency, says F5 Labs researcher Dor Nizar. “In fact, any application which makes use of WebView is liable to having the users’ credentials and cookies stolen.”
WebView allows Android users to view web search results inside unrelated active applications.
F5 Labs say it discovered MaliBot during a separate investigation into a different malware strain, FluBot.
MaliBot’s command-and-control server, which…