Trusted Design

Android Trojan GM Bot is evolving and targeting more than 50 banks worldwide

概要

A variant of the Android banking Trojan GM Bot is now targeting customers of more than 50 banks around the world, including Citibank, ING, and Bank of America. GM Bot, sometimes also known as Acecard, SlemBunk and Bankosy, scams people into giving up their banking login credentials and other personal data by displaying overlays that look nearly identical to banking apps’ login pages. Subsequently, the malware intercepts SMS to obtain two-factor authentication PINs, giving cybercriminals full access to bank accounts.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

BankBot Found on Google Play and Targets Ten New UAE Banking Apps (score: 0.81)
Android banking trojan as Flash Player and bypasses 2FA (score: 0.79)
A Look Into The New Strain Of BankBot (score: 0.78)
Android banking malware masquerades as Flash Player (score: 0.77)
Banking Trojan infected dozens of Android apps worldwide (score: 0.77)

このPulseに関連する脅威アクター (事実ベース)

APT28

Score: 10.72

Matched TTPs:

T1070.006 - Timestomp
T1589.001 - Credentials
T1669 - Wi-Fi Networks

MITREへのリンク →

UNC3886

Score: 5.34

Matched TTPs:

T1070.006 - Timestomp
T1124 - System Time Discovery

MITREへのリンク →

APT32

Score: 10.90

Matched TTPs:

T1070.006 - Timestomp
T1218.010 - Regsvr32
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
T1078.003 - Local Accounts

MITREへのリンク →

Kimsuky

Score: 18.37

Matched TTPs:

T1070.006 - Timestomp
T1055.012 - Process Hollowing
T1218.010 - Regsvr32
T1585 - Establish Accounts
T1111 - Multi-Factor Authentication Interception
T1078.003 - Local Accounts

MITREへのリンク →

APT29

Score: 7.94

Matched TTPs:

T1070.006 - Timestomp
T1566.003 - Spearphishing via Service
T1078.003 - Local Accounts

MITREへのリンク →

Chimera

Score: 12.40

Matched TTPs:

T1070.006 - Timestomp
T1589.001 - Credentials
T1111 - Multi-Factor Authentication Interception
T1124 - System Time Discovery

MITREへのリンク →

Lazarus Group

Score: 14.74

Matched TTPs:

T1070.006 - Timestomp
T1027.007 - Dynamic API Resolution
T1124 - System Time Discovery
T1566.003 - Spearphishing via Service
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Mustang Panda

Score: 9.62

Matched TTPs:

T1070.006 - Timestomp
T1027.007 - Dynamic API Resolution
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

FIN7

Score: 9.80

Matched TTPs:

T1674 - Input Injection
T1124 - System Time Discovery
T1078.003 - Local Accounts

MITREへのリンク →

Gamaredon Group

Score: 4.54

Matched TTPs:

T1001 - Data Obfuscation

MITREへのリンク →

Gorgon Group

Score: 3.15

Matched TTPs:

T1055.012 - Process Hollowing

MITREへのリンク →

Threat Group-3390

Score: 3.15

Matched TTPs:

T1055.012 - Process Hollowing

MITREへのリンク →

Patchwork

Score: 3.15

Matched TTPs:

T1055.012 - Process Hollowing

MITREへのリンク →

BlackByte

Score: 3.15

Matched TTPs:

T1055.012 - Process Hollowing

MITREへのリンク →

TA2541

Score: 5.90

Matched TTPs:

T1055.012 - Process Hollowing
T1573.002 - Asymmetric Cryptography

MITREへのリンク →

menuPass

Score: 3.15

Matched TTPs:

T1055.012 - Process Hollowing

MITREへのリンク →

Cobalt Group

Score: 5.49

Matched TTPs:

T1218.010 - Regsvr32
T1573.002 - Asymmetric Cryptography

MITREへのリンク →

Leviathan

Score: 6.19

Matched TTPs:

T1218.010 - Regsvr32
T1589.001 - Credentials

MITREへのリンク →

Magic Hound

Score: 9.58

Matched TTPs:

T1589.001 - Credentials
T1036.010 - Masquerade Account Name
T1566.003 - Spearphishing via Service

MITREへのリンク →

LAPSUS$

Score: 7.06

Matched TTPs:

T1589.001 - Credentials
T1111 - Multi-Factor Authentication Interception

MITREへのリンク →

OilRig

Score: 16.18

Matched TTPs:

T1137.004 - Outlook Home Page
T1573.002 - Asymmetric Cryptography
T1555.004 - Windows Credential Manager
T1566.003 - Spearphishing via Service
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Velvet Ant

Score: 5.41

Matched TTPs:

T1573.002 - Asymmetric Cryptography
T1078.003 - Local Accounts

MITREへのリンク →

Tropic Trooper

Score: 5.41

Matched TTPs:

T1573.002 - Asymmetric Cryptography
T1078.003 - Local Accounts

MITREへのリンク →

APT42

Score: 6.37

Matched TTPs:

T1573.002 - Asymmetric Cryptography
T1111 - Multi-Factor Authentication Interception

MITREへのリンク →

FIN6

Score: 8.02

Matched TTPs:

T1573.002 - Asymmetric Cryptography
T1566.003 - Spearphishing via Service
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

FIN8

Score: 5.49

Matched TTPs:

T1573.002 - Asymmetric Cryptography
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Contagious Interview

Score: 13.25

Matched TTPs:

T1585 - Establish Accounts
T1547.013 - XDG Autostart Entries
T1566.003 - Spearphishing via Service
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Fox Kitten

Score: 3.44

Matched TTPs:

T1585 - Establish Accounts

MITREへのリンク →

Ember Bear

Score: 3.44

Matched TTPs:

T1585 - Establish Accounts

MITREへのリンク →

APT17

Score: 3.44

Matched TTPs:

T1585 - Establish Accounts

MITREへのリンク →

Stealth Falcon

Score: 3.62

Matched TTPs:

T1555.004 - Windows Credential Manager

MITREへのリンク →

Turla

Score: 8.88

Matched TTPs:

T1555.004 - Windows Credential Manager
T1124 - System Time Discovery
T1078.003 - Local Accounts

MITREへのリンク →

Wizard Spider

Score: 6.37

Matched TTPs:

T1555.004 - Windows Credential Manager
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Storm-1811

Score: 6.14

Matched TTPs:

T1036.010 - Masquerade Account Name
T1566.003 - Spearphishing via Service

MITREへのリンク →

Dragonfly

Score: 3.62

Matched TTPs:

T1036.010 - Masquerade Account Name

MITREへのリンク →

APT3

Score: 3.62

Matched TTPs:

T1036.010 - Masquerade Account Name

MITREへのリンク →

CURIUM

Score: 5.12

Matched TTPs:

T1124 - System Time Discovery
T1566.003 - Spearphishing via Service

MITREへのリンク →

FIN13

Score: 4.54

Matched TTPs:

T1556 - Modify Authentication Process

MITREへのリンク →

PLATINUM

Score: 4.54

Matched TTPs:

T1056.004 - Credential API Hooking

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.77

Matched TTPs:

T1218.010 - Regsvr32
T1070.006 - Timestomp
T1078.003 - Local Accounts
T1111 - Multi-Factor Authentication Interception
T1055.012 - Process Hollowing
T1585 - Establish Accounts

MITREへのリンク →

OilRig

Score: 0.70

Matched TTPs:

T1573.002 - Asymmetric Cryptography
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
T1566.003 - Spearphishing via Service
T1137.004 - Outlook Home Page
T1555.004 - Windows Credential Manager

MITREへのリンク →

Lazarus Group

Score: 0.66

Matched TTPs:

T1070.006 - Timestomp
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
T1027.007 - Dynamic API Resolution
T1566.003 - Spearphishing via Service
T1124 - System Time Discovery

MITREへのリンク →

Contagious Interview

Score: 0.58

Matched TTPs:

T1566.003 - Spearphishing via Service
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
T1547.013 - XDG Autostart Entries
T1585 - Establish Accounts

MITREへのリンク →

Chimera

Score: 0.56

Matched TTPs:

T1070.006 - Timestomp
T1589.001 - Credentials
T1111 - Multi-Factor Authentication Interception
T1124 - System Time Discovery

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る