Revive Banking Trojan

By Mezo in Mobile Malware, Banking Trojan

Translate To:

Cybercriminals are targeting the customers of a specific Spanish bank with a previously unknown banking Trojan malware. The threat is tracked by infosec experts as Revive and it is designed to infect Android devices. The goal of the attackers is to assume control over the bank accounts of their victims and then siphon funds out of them.

The threat masquerades as a new 2FA (Two-Factor Authentication) security application that is supposedly being released by the targeted bank. Once installed on the device, Revive tries to obtain various permissions under the Accessibility Service feature. If successful, the Trojan can perform numerous invasive actions on the device. The attackers can obtain sensitive information via keylogging routines, intercept SMS messages, and more. Thanks to these abilities, the threat can obtain incoming 2FA and OTP (One-Time Passwords) codes and passwords.

However, the main functionality of Revive consists of opening a fake screen designed to closely mimic the official page of the targeted bank. Users will be asked to enter their login credentials. The provided information will then be transmitted to the Command-and-Control server of the operation.

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Revive Banking Trojan

Submit Comment

Trending

Safe Search Eng

Findtheirreport.com

MarioLocker Ransomware

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen