Trusted Design

BankBot Found on Google Play and Targets Ten New UAE Banking Apps

概要

The Android-targeting BankBot malware (all variants detected by Trend Micro as ANDROIDOS_BANKBOT) first surfaced January of this year and is reportedly the improved version of an unnamed open source banking malware that was leaked in an underground hacking forum. BankBot is particularly risky because it disguises itself as legitimate banking apps, typically using fake overlay screens to mimic existing banking apps and steal user credentials. BankBot is also capable of hijacking and intercepting SMS messages, which means that it can bypass SMS-based 2-factor authentication. Throughout the year, Bankbot has been distributed as benign apps, some of which made their way onto popular app stores. In April and July of 2017, Bankbot-infected apps were detected posing as entertainment and online banking apps on Google Play. More than twenty were found and exposed during the said months.

Created: 2026-02-23

Indicators

類似Pulses

A Look Into The New Strain Of BankBot (score: 0.88)
Android Trojan GM Bot is evolving and targeting more than 50 banks worldwide (score: 0.81)
Android banking malware masquerades as Flash Player (score: 0.80)
Released Android malware source code used to run a banking botnet (score: 0.78)
Android Trojan Xbot Phishes Credit Cards and Bank Accounts (score: 0.76)

このPulseに関連する脅威アクター (事実ベース)

Dragonfly

Score: 3.78

Matched TTPs:

T1156 - Malicious Shell Modification
T1218.010 - Regsvr32

MITREへのリンク →

BRONZE BUTLER

Score: 7.62

Matched TTPs:

T1156 - Malicious Shell Modification
T1592.004 - Client Configurations
T1218.010 - Regsvr32

MITREへのリンク →

Gamaredon Group

Score: 8.84

Matched TTPs:

T1156 - Malicious Shell Modification
T1608.005 - Link Target
T1061 - Graphical User Interface

MITREへのリンク →

OilRig

Score: 16.23

Matched TTPs:

T1156 - Malicious Shell Modification
T1059.004 - Unix Shell
T1218.010 - Regsvr32
T1556.009 - Conditional Access Policies
T1526 - Cloud Service Discovery
T1547.008 - LSASS Driver

MITREへのリンク →

APT28

Score: 13.36

Matched TTPs:

T1156 - Malicious Shell Modification
T1608.005 - Link Target
T1218.010 - Regsvr32
T1197 - BITS Jobs
T1055.008 - Ptrace System Calls

MITREへのリンク →

MoustachedBouncer

Score: 6.82

Matched TTPs:

T1156 - Malicious Shell Modification
T1055.003 - Thread Execution Hijacking

MITREへのリンク →

Magic Hound

Score: 12.54

Matched TTPs:

T1156 - Malicious Shell Modification
T1016.002 - Wi-Fi Discovery
T1588.001 - Malware
T1608.005 - Link Target
T1547.008 - LSASS Driver

MITREへのリンク →

MuddyWater

Score: 5.79

Matched TTPs:

T1156 - Malicious Shell Modification
T1608.005 - Link Target
T1218.010 - Regsvr32

MITREへのリンク →

Winter Vivern

Score: 4.38

Matched TTPs:

T1156 - Malicious Shell Modification
T1588.001 - Malware

MITREへのリンク →

Kimsuky

Score: 24.07

Matched TTPs:

T1156 - Malicious Shell Modification
T1588.001 - Malware
T1552.003 - Shell History
T1608.005 - Link Target
T1001 - Data Obfuscation
T1027.014 - Polymorphic Code
T1197 - BITS Jobs
T1526 - Cloud Service Discovery
T1490 - Inhibit System Recovery

MITREへのリンク →

Dark Caracal

Score: 4.81

Matched TTPs:

T1156 - Malicious Shell Modification
T1547.008 - LSASS Driver

MITREへのリンク →

FIN7

Score: 13.60

Matched TTPs:

T1156 - Malicious Shell Modification
T1011.001 - Exfiltration Over Bluetooth
T1588.001 - Malware
T1608.005 - Link Target
T1490 - Inhibit System Recovery

MITREへのリンク →

TA505

Score: 3.62

Matched TTPs:

T1016.002 - Wi-Fi Discovery

MITREへのリンク →

RedCurl

Score: 3.62

Matched TTPs:

T1016.002 - Wi-Fi Discovery

MITREへのリンク →

Sandworm Team

Score: 5.12

Matched TTPs:

T1016.002 - Wi-Fi Discovery
T1218.010 - Regsvr32

MITREへのリンク →

APT29

Score: 12.54

Matched TTPs:

T1592.004 - Client Configurations
T1608.005 - Link Target
T1218.010 - Regsvr32
T1547.008 - LSASS Driver
T1490 - Inhibit System Recovery

MITREへのリンク →

APT32

Score: 14.86

Matched TTPs:

T1592.004 - Client Configurations
T1588.001 - Malware
T1608.005 - Link Target
T1027.014 - Polymorphic Code
T1218.010 - Regsvr32
T1490 - Inhibit System Recovery

MITREへのリンク →

FIN13

Score: 9.16

Matched TTPs:

T1588.001 - Malware
T1552.003 - Shell History
T1686.001 - Cloud Firewall

MITREへのリンク →

Wizard Spider

Score: 8.87

Matched TTPs:

T1588.001 - Malware
T1556.009 - Conditional Access Policies
T1526 - Cloud Service Discovery

MITREへのリンク →

BITTER

Score: 3.59

Matched TTPs:

T1588.001 - Malware
T1218.010 - Regsvr32

MITREへのリンク →

FIN6

Score: 4.62

Matched TTPs:

T1588.001 - Malware
T1547.008 - LSASS Driver

MITREへのリンク →

PROMETHIUM

Score: 8.89

Matched TTPs:

T1588.001 - Malware
T1547.015 - Login Items
T1490 - Inhibit System Recovery

MITREへのリンク →

UNC3886

Score: 10.87

Matched TTPs:

T1588.001 - Malware
T1547.015 - Login Items
T1059.004 - Unix Shell
T1218.010 - Regsvr32

MITREへのリンク →

ZIRCONIUM

Score: 7.55

Matched TTPs:

T1588.001 - Malware
T1608.005 - Link Target
T1197 - BITS Jobs

MITREへのリンク →

Higaisa

Score: 7.43

Matched TTPs:

T1588.001 - Malware
T1218.010 - Regsvr32
T1567.002 - Exfiltration to Cloud Storage

MITREへのリンク →

Lazarus Group

Score: 16.10

Matched TTPs:

T1588.001 - Malware
T1608.005 - Link Target
T1218.010 - Regsvr32
T1567.002 - Exfiltration to Cloud Storage
T1055.005 - Thread Local Storage
T1547.008 - LSASS Driver

MITREへのリンク →

Storm-0501

Score: 7.36

Matched TTPs:

T1588.001 - Malware
T1552.003 - Shell History
T1027.014 - Polymorphic Code

MITREへのリンク →

APT41

Score: 3.59

Matched TTPs:

T1588.001 - Malware
T1218.010 - Regsvr32

MITREへのリンク →

Contagious Interview

Score: 7.06

Matched TTPs:

T1552.003 - Shell History
T1608.005 - Link Target
T1547.008 - LSASS Driver

MITREへのリンク →

Scattered Spider

Score: 5.96

Matched TTPs:

T1552.003 - Shell History
T1197 - BITS Jobs

MITREへのリンク →

Medusa Group

Score: 4.54

Matched TTPs:

T1552.003 - Shell History
T1608.005 - Link Target

MITREへのリンク →

Play

Score: 5.19

Matched TTPs:

T1552.003 - Shell History
T1490 - Inhibit System Recovery

MITREへのリンク →

HAFNIUM

Score: 8.81

Matched TTPs:

T1608.005 - Link Target
T1055.008 - Ptrace System Calls
T1490 - Inhibit System Recovery

MITREへのリンク →

Mustang Panda

Score: 14.63

Matched TTPs:

T1608.005 - Link Target
T1218.010 - Regsvr32
T1567.002 - Exfiltration to Cloud Storage
T1526 - Cloud Service Discovery
T1055.005 - Thread Local Storage

MITREへのリンク →

Turla

Score: 11.45

Matched TTPs:

T1608.005 - Link Target
T1059.004 - Unix Shell
T1556.009 - Conditional Access Policies
T1490 - Inhibit System Recovery

MITREへのリンク →

Confucius

Score: 3.51

Matched TTPs:

T1608.005 - Link Target
T1218.010 - Regsvr32

MITREへのリンク →

Saint Bear

Score: 3.51

Matched TTPs:

T1608.005 - Link Target
T1218.010 - Regsvr32

MITREへのリンク →

TA2541

Score: 5.16

Matched TTPs:

T1608.005 - Link Target
T1001 - Data Obfuscation

MITREへのリンク →

Patchwork

Score: 7.80

Matched TTPs:

T1059.004 - Unix Shell
T1001 - Data Obfuscation
T1218.010 - Regsvr32

MITREへのリンク →

Deep Panda

Score: 5.90

Matched TTPs:

T1059.004 - Unix Shell
T1027.014 - Polymorphic Code

MITREへのリンク →

GALLIUM

Score: 3.15

Matched TTPs:

T1059.004 - Unix Shell

MITREへのリンク →

APT3

Score: 4.65

Matched TTPs:

T1059.004 - Unix Shell
T1218.010 - Regsvr32

MITREへのリンク →

Gorgon Group

Score: 3.15

Matched TTPs:

T1001 - Data Obfuscation

MITREへのリンク →

Threat Group-3390

Score: 7.80

Matched TTPs:

T1001 - Data Obfuscation
T1218.010 - Regsvr32
T1526 - Cloud Service Discovery

MITREへのリンク →

BlackByte

Score: 3.15

Matched TTPs:

T1001 - Data Obfuscation

MITREへのリンク →

menuPass

Score: 3.15

Matched TTPs:

T1001 - Data Obfuscation

MITREへのリンク →

Cobalt Group

Score: 4.24

Matched TTPs:

T1027.014 - Polymorphic Code
T1218.010 - Regsvr32

MITREへのリンク →

Leviathan

Score: 4.24

Matched TTPs:

T1027.014 - Polymorphic Code
T1218.010 - Regsvr32

MITREへのリンク →

Inception

Score: 4.24

Matched TTPs:

T1027.014 - Polymorphic Code
T1218.010 - Regsvr32

MITREへのリンク →

EXOTIC LILY

Score: 4.02

Matched TTPs:

T1218.010 - Regsvr32
T1547.008 - LSASS Driver

MITREへのリンク →

BlackTech

Score: 4.65

Matched TTPs:

T1218.010 - Regsvr32
T1526 - Cloud Service Discovery

MITREへのリンク →

Sea Turtle

Score: 4.16

Matched TTPs:

T1218.010 - Regsvr32
T1490 - Inhibit System Recovery

MITREへのリンク →

Tropic Trooper

Score: 4.16

Matched TTPs:

T1218.010 - Regsvr32
T1490 - Inhibit System Recovery

MITREへのリンク →

Moonstone Sleet

Score: 5.96

Matched TTPs:

T1197 - BITS Jobs
T1547.008 - LSASS Driver

MITREへのリンク →

Stealth Falcon

Score: 3.62

Matched TTPs:

T1556.009 - Conditional Access Policies

MITREへのリンク →

FIN8

Score: 3.15

Matched TTPs:

T1526 - Cloud Service Discovery

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.75

Matched TTPs:

T1552.003 - Shell History
T1490 - Inhibit System Recovery
T1526 - Cloud Service Discovery
T1027.014 - Polymorphic Code
T1001 - Data Obfuscation
T1588.001 - Malware
T1608.005 - Link Target
T1156 - Malicious Shell Modification
T1197 - BITS Jobs

MITREへのリンク →

Lazarus Group

Score: 0.55

Matched TTPs:

T1055.005 - Thread Local Storage
T1567.002 - Exfiltration to Cloud Storage
T1588.001 - Malware
T1608.005 - Link Target
T1547.008 - LSASS Driver
T1218.010 - Regsvr32

MITREへのリンク →

FIN7

Score: 0.55

Matched TTPs:

T1490 - Inhibit System Recovery
T1588.001 - Malware
T1156 - Malicious Shell Modification
T1011.001 - Exfiltration Over Bluetooth
T1608.005 - Link Target

MITREへのリンク →

OilRig

Score: 0.55

Matched TTPs:

T1059.004 - Unix Shell
T1556.009 - Conditional Access Policies
T1526 - Cloud Service Discovery
T1156 - Malicious Shell Modification
T1547.008 - LSASS Driver
T1218.010 - Regsvr32

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る