Trojan-Banker.AndroidOS.Faketoken follow-up
Summary
December 19:
Many mobile bankers can block a device in order to extort money from its user. But we have discovered a modification of the mobile banking Trojan Trojan-Banker.AndroidOS.Faketoken that went even further – it can encrypt user data. In addition to that, this modification is attacking more than 2,000 financial apps around the world.
We have managed to detect several thousand Faketoken installation packages capable of encrypting data, the earliest of which dates back to July 2016. According to our information, the number of this banker’s victims exceeds 16,000 users in 27 countries, with most located in Russia, Ukraine, Germany and Thailand.
Trojan-Banker.AndroidOS.Faketoken is distributed under the guise of various programs and games, often imitating Adobe Flash Player.
Many other hashes available ... but could be other variants. Investigations in progress.
Created: 2026-02-23
Indicators
No indicators were found.
Similar Pulses
Threat actors related to this Pulse (fact-based)
Score: 5.90
Matched TTPs:
- T1560.003 - Archive via Custom Method
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Score: 3.15
Matched TTPs:
- T1560.003 - Archive via Custom Method
Score: 15.73
Matched TTPs:
- T1560.003 - Archive via Custom Method
- T1091 - Replication Through Removable Media
- T1027.007 - Dynamic API Resolution
- T1564.001 - Hidden Files and Directories
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Score: 12.55
Matched TTPs:
- T1560.003 - Archive via Custom Method
- T1657 - Financial Theft
- T1550.002 - Pass the Hash
- T1588.005 - Exploits
Score: 3.15
Matched TTPs:
- T1560.003 - Archive via Custom Method
Score: 3.15
Matched TTPs:
- T1560.003 - Archive via Custom Method
Score: 12.70
Matched TTPs:
- T1560.003 - Archive via Custom Method
- T1027.007 - Dynamic API Resolution
- T1564.001 - Hidden Files and Directories
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Score: 6.03
Matched TTPs:
- T1069 - Permission Groups Discovery
- T1550.002 - Pass the Hash
Score: 5.81
Matched TTPs:
- T1069 - Permission Groups Discovery
- T1657 - Financial Theft
Score: 3.29
Matched TTPs:
- T1069 - Permission Groups Discovery
Score: 3.29
Matched TTPs:
- T1069 - Permission Groups Discovery
Score: 3.29
Matched TTPs:
- T1069 - Permission Groups Discovery
Score: 11.22
Matched TTPs:
- T1069 - Permission Groups Discovery
- T1657 - Financial Theft
- T1550.002 - Pass the Hash
- T1564.001 - Hidden Files and Directories
Score: 7.57
Matched TTPs:
- T1091 - Replication Through Removable Media
- T1001 - Data Obfuscation
Score: 5.70
Matched TTPs:
- T1091 - Replication Through Removable Media
- T1564.001 - Hidden Files and Directories
Score: 3.03
Matched TTPs:
- T1091 - Replication Through Removable Media
Score: 3.03
Matched TTPs:
- T1091 - Replication Through Removable Media
Score: 10.24
Matched TTPs:
- T1091 - Replication Through Removable Media
- T1674 - Input Injection
- T1564.001 - Hidden Files and Directories
Score: 12.58
Matched TTPs:
- T1091 - Replication Through Removable Media
- T1550.002 - Pass the Hash
- T1564.001 - Hidden Files and Directories
- T1550.001 - Application Access Token
Score: 5.70
Matched TTPs:
- T1091 - Replication Through Removable Media
- T1564.001 - Hidden Files and Directories
Score: 5.27
Matched TTPs:
- T1657 - Financial Theft
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Score: 4.13
Matched TTPs:
- T1564.005 - Hidden File System
Score: 4.13
Matched TTPs:
- T1564.005 - Hidden File System
Score: 8.16
Matched TTPs:
- T1550.002 - Pass the Hash
- T1564.001 - Hidden Files and Directories
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Score: 5.49
Matched TTPs:
- T1550.002 - Pass the Hash
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Score: 6.88
Matched TTPs:
- T1550.002 - Pass the Hash
- T1588.005 - Exploits
Score: 6.80
Matched TTPs:
- T1564.001 - Hidden Files and Directories
- T1550.001 - Application Access Token
Threat actors related to this Pulse (inference-based)
Score: 0.81
Matched TTPs:
- T1027.007 - Dynamic API Resolution
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
- T1564.001 - Hidden Files and Directories
- T1560.003 - Archive via Custom Method
- T1091 - Replication Through Removable Media
Score: 0.68
Matched TTPs:
- T1027.007 - Dynamic API Resolution
- T1564.001 - Hidden Files and Directories
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
- T1560.003 - Archive via Custom Method
Score: 0.68
Matched TTPs:
- T1091 - Replication Through Removable Media
- T1550.001 - Application Access Token
- T1564.001 - Hidden Files and Directories
- T1550.002 - Pass the Hash
Score: 0.66
Matched TTPs:
- T1588.005 - Exploits
- T1657 - Financial Theft
- T1560.003 - Archive via Custom Method
- T1550.002 - Pass the Hash
Score: 0.64
Matched TTPs:
- T1564.001 - Hidden Files and Directories
- T1657 - Financial Theft
- T1069 - Permission Groups Discovery
- T1550.002 - Pass the Hash
Score: 0.63
Matched TTPs:
- T1091 - Replication Through Removable Media
- T1674 - Input Injection
- T1564.001 - Hidden Files and Directories
Related CVEs
No CVEs were found for this Pulse.