Malware

Russian ‘Fantasy Hub’ Android RAT exposes financial data

Privacy concept: pixelated words Malware on digital background, 3d render

According to Security Affairs, Zimperium researchers uncovered Fantasy Hub, a Russian malware-as-a-service (MaaS) Android remote access trojan (RAT) that allows attackers to spy, steal data, and control devices through Telegram.

Fantasy Hub enables attackers to take control of infected devices, intercept SMS messages, and access contacts, call logs, images and videos. The malware can also intercept, reply to and delete incoming notifications. Attackers target financial institutions by displaying fake login windows for banks like Alfa, PSB, Tbank, and Sber to steal credentials. The malware's command & control panel provides detailed device information and allows remote operation and monitoring of compromised devices.

The proliferation of MaaS operations like Fantasy Hub underscores how easily attackers can exploit legitimate Android components for complete device compromise. This sophisticated malware's combination of social engineering and abuse of system roles presents a significant threat to both those relying on mobile banking or sensitive apps.

Source: Security Affairs

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

Related Terms

Adware

You can skip this ad in 5 seconds