IBM X-Force Delves Into ExoBot’s Leaked Source Code
** This blog post was written with IBM X-Force researcher Shahar Tavor who reversed ExoBot's source code **
Looking for the technical rundown? Check out the original post here.
Following the recent source code leak of the Android banking
Trojan ExoBot, IBM X-Force research delved into the malware’s inner workings to
help uncover insights into its dynamic mechanisms and the features that help
criminals use it in cross-channel bank fraud.

ExoBot Genesis
ExoBot is Android malware originally based on earlier code
known as Marcher. The code is a banking Trojan that uses
the overlay technique — that is, popping up fake windows that hide the original
app users open — to trick victims into tapping their banking credentials into a
fake interface. After stealing account access details, the malware can also
intercept SMS messages and phone calls, thereby enabling criminals to take over
the victim’s bank account and other financial accounts at their discretion.

Some of the capabilities that enable ExoBot to facilitate
fraudulent activity on infected devices include gaining admin privileges,
launching overlay screens, and exfiltrating SMS, data and other information
from the infected device.

In 2016, ExoBot’s developer was selling the malware on the
clear web for a while, even advertising an upgrade in May 2017. In January
2018, the actor decided to sell it off in the underground, but by May 2018, the
source code was leaked online by an unknown actor.

Source code leaks, especially those of Android malware,
have happened in the recent past. When they do, they give rise to
variants of the same malware, lowering the bar for more
criminals to enter the mobile malware scene and try their hand at mobile
banking fraud.

Delving Into ExoBot’s Inner Workings
The following sections describe technical details about
ExoBot as analyzed by X-Force mobile threat researcher Shahar Tavor.