Aberebot Banking Trojan Reaches 14 Countries, Targets 140+ Banks

The Aberebot Banking Trojan is a dangerous new project, which targets Android devices in over a dozen countries. So far, the Aberebot Banking Trojan has been identified in over 18 countries, and it seems to work with a wide range of banks and financial institutions – over 140. The malware is able to display phishing overlays when the victim interacts with a banking app or site. All of the overlays have been cleverly designed to look like the original site, but there is one major difference – the data entered there will be transferred to the server of Aberebot Banking Trojan's operators.

The Trojan shares similarities with other Android Trojans, which have been popular in the past year – such as the Cerberus Banking Trojan. The Aberebot Banking Trojan seems to be spread through fake copies of popular applications, which are hosted on 3rd-party app stores and sites. For example, samples of the Aberebot Banking Trojan were found in fake versions of Google Chrome.

The Aberebot Banking Trojan Abuses the Android Accessibility Service

Once launched, victims of the Aberebot Banking Trojan will be asked to grant the app certain permissions, which legitimate apps would usually not request. Since this Trojan aims to bypass two-factor authentication, it wants to access contacts, SMS and MMS messages, and the ability to send text messages. Furthermore, it asks for access to the Android Accessibility Service – a strategy that any high-profile Android Trojan uses.

Although the Aberebot Banking Trojan targets mostly banks and online payment services, it also supports phishing overlays for some popular social media sites. It can also display a fake login prompt when the user tries to launch the fake copy of Google Chrome that the malware creates. While the Aberebot Banking Trojan does not boast spectacular features compared to other Android Trojans, it has certainly been very successful in terms of reach. The criminals behind it have managed to reach victims all over the world, and it does not seem like their campaign is near its end. The best thing to do to counter such malware is to use an up-to-date Android antivirus app on your smartphone.

August 4, 2021