News, tips, advice, support for Windows, Office, PCs & more
Home icon Home icon Home icon Email icon RSS icon

We're community supported and proud of it!

  • Android : TeaBot Android malware targets users bank accounts

    Home Forums Code Red – Security/Privacy advisories Android : TeaBot Android malware targets users bank accounts

    Viewing 0 reply threads
    • Author
      • #2365271
        AskWoody Plus

        …At the beginning of January 2021, a new Android banker started appearing and it was discovered and analysed by our Threat Intelligence and Incident Response (TIR) team.

        Since lack of information and the absence of a proper nomenclature of this Android banker family, we decide to dub it as TeaBot to better track this family inside our internal Threat Intelligence taxonomy.

        TeaBot appears to have all the main features of nowadays Android bankers achieved by abusing Accessibility Services such as:

        Ability to perform Overlay Attacks against multiple banks applications to steal login credentials and credit card information
        Ability to send / intercept / hide SMS messages
        Enabling key logging functionalities
        Ability to steal Google Authentication codes
        Ability to obtain full remote control of an Android device (via Accessibility Services and real-time screen-sharing)…

        Initially, the app name used by the malicious app was “TeaTV” however during the last month the app name was changed to “VLC MediaPlayer”, “Mobdro”, “DHL”, “UPS” and “bpost”, the same decoy used by the famous banker Flubot/Cabassous..

    Viewing 0 reply threads

    Please follow the -Lounge Rules- no personal attacks, no swearing, no politics or religion.

    Reply To: Android : TeaBot Android malware targets users bank accounts

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.