Trusted Design

BankBot Found on Google Play and Targets Ten New UAE Banking Apps

概要

The Android-targeting BankBot malware (all variants detected by Trend Micro as ANDROIDOS_BANKBOT) first surfaced January of this year and is reportedly the improved version of an unnamed open source banking malware that was leaked in an underground hacking forum. BankBot is particularly risky because it disguises itself as legitimate banking apps, typically using fake overlay screens to mimic existing banking apps and steal user credentials. BankBot is also capable of hijacking and intercepting SMS messages, which means that it can bypass SMS-based 2-factor authentication. Throughout the year, Bankbot has been distributed as benign apps, some of which made their way onto popular app stores. In April and July of 2017, Bankbot-infected apps were detected posing as entertainment and online banking apps on Google Play. More than twenty were found and exposed during the said months.

Created: 2026-02-23

Indicators

• FileHash-SHA256 - 4d417c850c114f2791e839d47566500971668c41c47e290c8d7aefaddc62f84c -
• FileHash-SHA256 - de2367c1dcd67c97fcf085c58c15b9a3311e61c122649a53def31fb689e1356f -
• FileHash-SHA256 - ae0c7562f50e640b81646b3553eb0a6381dac66d015baa0fa95e136d2dc855f7 -
• FileHash-SHA256 - cf46fdc278dc9d29c66e40352340717b841eaf447f4beddf33a2a21678b64138 -
• FileHash-SHA256 - 6fd52e78902ed225647afb87eb1e533412505b97a82eaa7cc9ba30be6e658c0e -

類似Pulses

• A Look Into The New Strain Of BankBot (score: 0.88)
• Android Trojan GM Bot is evolving and targeting more than 50 banks worldwide (score: 0.81)
• Android banking malware masquerades as Flash Player (score: 0.80)
• Released Android malware source code used to run a banking botnet (score: 0.78)
• Android Trojan Xbot Phishes Credit Cards and Bank Accounts (score: 0.76)

このPulseに関連する脅威アクター (事実ベース)

このPulseに関連する脅威アクター (推論ベース)

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクター グラフ

---

← Pulse一覧に戻る