Gustuff Android Malware Found by Group-IB; Targeting Phones, Crypto Apps, and International Banks

Gustuff is a new Trojan horse malware designed specifically for Android phones that tries to steal fiat and crypto assets, The Next Web writes. Cryptocurrency and banking apps are targeted by the new Android malware. According to cyber security company Group-IB, which identified the new threat, it targets customers of large international banks and cryptocurrency apps. The malware uses Android accessibility features to get at sensitive data.

Gustuff is equipped with fully automated functionality, built for mass-scale operation and maximum profit for its operators. Using the Accessibility Service mechanism means the Trojan is able to circumvent the security measures banks use to protect against the older generation of Trojans. Group-IB has also warned that the malware can mimic legitimate push notifications. Group-IB also points to changes in Google's security policy introduced in new versions of the Android OS.

Group-IB has advised users to download apps from Google Play only. The malware uses contact lists to spread from user to user. So far 32 cryptocurrency apps are targeted, including Coinbase, BitPay and Bitcoin Wallet. According to Group-IB, Gustuff spreads through SMS messages that carry links to a malicious Android Package Kit (APK) file. The malware's targets include clients of JP Morgan, Wells Fargo and Bank of America, as well as payment systems and messenger services.