RiskIQ characterizes the Yanbian Gang as a group that targeted South Korean Android mobile banking customers since 2013 with malicious Android apps purporting to be from major banks, namely Shinhan Savings Bank, Saemaul Geumgo, Shinhan Finance, KB Kookmin Bank, and NH Savings Bank.
There are currently no families associated with this actor.
|2021-04-07 ⋅ RiskIQ ⋅ |
Yanbian Gang Malware Continues with Wide-Scale Distribution and C2
|2018-11-26 ⋅ Trend Micro ⋅ |
Examining XLoader, FakeSpy, and the Yanbian Gang
FakeSpy XLoader Yanbian Gang
|2018-06-19 ⋅ Trend Micro ⋅ |
FakeSpy Targets Japanese and Korean-Speaking Users
FakeSpy Yanbian Gang
|2018-04-20 ⋅ Trend Micro ⋅ |
XLoader Android Spyware and Banking Trojan Distributed via DNS Spoofing
XLoader Yanbian Gang
|2015-02-12 ⋅ Trend Micro ⋅ |
Mobile Malware Gang Steals Millions from South Korean Users