Someone leaked the source code of a banking Android trojan που ανακαλύφθηκε πρόσφατα. Ερευνητές ασφάλειας έχουν καταλήξει στο συμπέρασμα ότι το πρόσφατο κύμα attacks of banking Android trojans have one thing in common: The code is the same.
At 2015, there was an outbreak of bankers trojans targeting Android devices. Security researchers from FireEye discovered SlemBunk, Symantec reported Bankosy, and last week, Heimdal Security unveiled Mazar BOT.
According to IBM's X-Force Team, all of these Android trojans belong to the same family that IBM monitors from 2014.
The malware, called GM Bot, appeared in Russian underground forums και πωλούνταν από 500 έως 450 δολάρια. Υπάρχουν και άλλα που χρησιμοποιούνται λιγότερο, με τα ονόματα Acecard και Slempo.
As IBM explains, the developer of this threat has decided to abandon the current version (v1) and move on to a new one, but not before selling the distribution rights of the latest version of Mazar BOT.
The source code of Mazar BOT, however, leaked when the administrator of an underground hacking forum bought the source code and offered it for free to every registered user of the forum….
The source code was placed in a password protected file access, and to get it registered users had only to ask the forum administrator for the code.
Of course, things did not go as planned and users started to share the code with each other.
And now what;
In the event of malicious software spilling source code, waves of attacks from thousands of malware mutations are erupting. Logical because every user with programming knowledge can add his or her own data to the code and evolve it or change it as it wishes.
Here is to mention that Mazar BOT is one of the most, if not the most dangerous, bank malicious trojan that beats Android devices.