Exobot Android Malware

BlackRock Android Malware

Exobot is the name of a newly discovered piece of malware that targets Android devices and exhibits features characteristic of infostealers, banking trojans, and botnets.

Android malware is commonly focused on stealing information from banking applications and Exobot is no different. The malware can create invisible overlays on legitimate banking application screens that are used to capture the information the user inputs, thinking they are using their perfectly safe personal banking app. The damage that can stem from your online banking credentials being stolen is immeasurable.

Additionally, Exobot can create botnet nodes on infected devices, making them part of a wider malicious network. Infected devices that have become part of the botnet can be used to distribute further malicious SMS messages.

The malware can receive commands through SMS messages, immediately wiping the incoming messages containing the instructions from the malware's operators. It can also send outgoing text messages. Finally, Exobot can also lock the victim device entirely, giving it ransomware-like capabilities.

June 13, 2022