Updated Octo Android banking trojan variant emerges

Sophisticated device hijacking and on-device fraud capabilities have been built into a new variant of the Octo Android banking trojan, dubbed "Octo2," which has been used in attacks against Italy, Hungary, Moldova, and Poland, according to The Hacker News. Octo2 has been deployed through malicious apps masquerading as Google Chrome, Enterprise Europe, and NordVPN that were created with the Zombinder APK service, a report from ThreatFabric revealed. The variant also features a Domain Generation Algorithm-based command-and-control system that increases its resistance to takedown attempts. ThreatFabric researchers attributed Octo2's emergence to the exposure of its source code and a shift to malware-as-a-service operations earlier this year. "This variant's ability to invisibly perform on-device fraud and intercept sensitive data, coupled with the ease with which it can be customized by different threat actors, raises the stakes for mobile banking users globally," noted ThreatFabric.