menu
techminis

A naukri.com initiative

google-web-stories
Home

>

Malware News

>

Download a...
source image

Securelist

1w

read

142

img
dot

Image Credit: Securelist

Download a banker to track your parcel

  • The Android banking Trojan Mamont is now being distributed on a number of websites that offer high-value goods for cheap to businesses and individuals.
  • This is the latest attempt by criminals to distribute Mamont, which had previously been disseminated via a neighborhood chat groups or unknown messaging contacts.
  • Criminals have set up a dedicated private Telegram chat to instruct users to DM their agent to place an order. On delivery, no prepayment is required.
  • The criminals then send a tracking number to the app and attach a tracking number to download a fake parcel tracking app.
  • When installed, the Mamont banking Trojan requests permission to access a wide range of personal data, as well as initiating malicious services designed to harvest data useful for social engineering hacks to extract money, and hijack users' push notifications.
  • The cybercriminals running this Mamont campaign exclusively target Android phone users in Russia.
  • Kaspersky Security Network (KSN) telemetry data consensually provided by users revealed more than 31,000 Mamont attacks disguised as a parcel-tracking app in October and November 2024.
  • In conclusion, businesses and individuals should avoid clicking on links from unknown sources, beware of generous offers and only download apps from trusted sources.
  • To prevent Mamont from infecting devices, Kaspersky recommends using a reliable security solution.
  • If you want to check for indicators of compromise, the C2 server is at apisys003[.]com, and the MD5 for the Mamont Trojan is 12936056e8895e6a662731c798b27333.

Read Full Article

like

8 Likes

For uninterrupted reading, download the app