Exobot Android Malware Targets Banking Apps

Android users have been warned about another Exobot banking malware source code (v. 2.5) that was leaked online. It was first detected in May 2018 and has been dubbed "Trump Edition." The leak is expected to result in a surge of malicious Android apps given that the malware source code is now available in dark web hacking forums, according to Tripwire. "The Trojan gets the package name of the foreground app without requiring any additional permissions. This is a bit buggy, still, but works in most cases. The interesting part here is that no Android permissions are required. All other Android banking Trojans families are using the Accessibility ore Use Stats permissions to achieve the same goal and therefore require user interaction with the victim," ThreatFabric security researcher, Cengiz Han Sahin told Bleeping Computer. It’s no secret that bank websites and banking apps are under constant attack and that using Android Trojans to target baking apps is fairly commonplace. With this new Trump Edition, though, there are two primary concerns for security experts: First, whenever an infected Android device hits a financial institution's website, the overlay attack steals user credentials. Second, the release of any mobile banking malware will quickly ripple across the devices.