The TipTop hacking group is a notorious group of hackers that is likely to originate from the Russian Federation. One of their most popular hacking tools is Hqwar – an Android-based Banking Trojan. The Russian law-enforcement authorities, in cooperation with malware experts, have managed to stop the TipTop hacking group's campaign. However, this does not mean we have seen the end of the Hqwar Trojan. It is very likely that other cyber crooks have employed the Hqwar Banking Trojan for their own malicious operations as this Trojan is known for supporting various mobile banking web pages and applications.
Able to Bypass Two-Factor Authentication
Many banking portals and applications have employed two-factor authentication to guarantee maximum security to their users. However, cleverly designed banking Trojans like the Hqwar threat are capable of bypassing this security measure as this Trojan is able to access the text message feature of the infiltrated device as well as to record phone calls. This makes it fairly easy for the attackers to fetch the login credentials of their victims.
Spreading Outside of Russia
Since the creators of the Hqwar banking Trojan are likely of Russian origin, it is not surprising that this threat's activity is mainly concentrated in Russia. Malware researchers, however, have uncovered other variants of the Hqwar banking Trojan in various countries. It is likely that other cyber crooks have taken hold of the threat and modified it to support other banking portals and applications, thus extending their reach. The creators of the Hqwar Trojan are using social engineering techniques to convince the user to install a bogus application which carries the payload of the Trojan.
You should be extra cautious when installing new software on your devices as cybercriminals are always looking for new victims. Also, make sure you download and install a legitimate Android anti-virus solution and update it regularly.