Android banking trojan linked to forced labor scam compounds

Per HackRead, a new report from Infoblox Threat Intel has established a confirmed link between Southeast Asian scam operations built on forced labor and an Android banking trojan used in attacks across 21 countries. This research highlights a disturbing synergy between human trafficking and sophisticated mobile malware distribution.

The Infoblox report, in collaboration with Chong Lua Dao, reveals how individuals trafficked into scam centers are exploited to support a malware distribution system targeting mobile banking users. Attackers create fake domains mimicking legitimate services and banking interfaces, tricking victims into installing malicious Android apps disguised as essential tools. These apps, once installed, grant attackers extensive control, enabling them to intercept SMS messages, bypass biometric security, and manipulate banking sessions to steal funds.

The operation is described as malware-as-a-service, with infrastructure hosted from locations like the K99 Triumph City compound in Cambodia, where victims are forced to manage phishing campaigns and guide users through malware installation.

Source: HackRead
