| SYMBOL | COMMON_NAME | aka. SYNONYMS |
RiskIQ characterizes the Yanbian Gang as a group that targeted South Korean Android mobile banking customers since 2013 with malicious Android apps purporting to be from major banks, namely Shinhan Savings Bank, Saemaul Geumgo, Shinhan Finance, KB Kookmin Bank, and NH Savings Bank.
| 2023-03-31
⋅
Telekom
⋅
Moqhao masters new tricks MoqHao |
| 2023-03-16
⋅
Team Cymru
⋅
MoqHao Part 3: Recent Global Targeting Trends MoqHao |
| 2023-01-19
⋅
Kaspersky Labs
⋅
Roaming Mantis implements new DNS changer in its malicious mobile app in 2022 MoqHao |
| 2022-08-11
⋅
xanhacks' infosec blog
⋅
MoqHao Android malware analysis and phishing campaign MoqHao |
| 2022-07-18
⋅
Sekoia
⋅
Ongoing Roaming Mantis smishing campaign targeting France MoqHao |
| 2022-04-12
⋅
Broadcom
⋅
MoqHao malware continues to target mobile users in Europe MoqHao |
| 2022-04-07
⋅
Team Cymru
⋅
MoqHao Part 2: Continued European Expansion MoqHao |
| 2021-08-11
⋅
Team Cymru
⋅
MoqHao Part 1.5: High-Level Trends of Recent Campaigns Targeting Japan MoqHao |
| 2021-05-18
⋅
Medium (Cryptax)
⋅
A native packer for Android/MoqHao MoqHao |
| 2021-05-05
⋅
Kashif Ali Surfeit and Blasé Security
⋅
Roaming Mantis Amplifies Smishing Campaign with OS-Specific Android Malware MoqHao Roaming Mantis |
| 2021-04-07
⋅
RiskIQ
⋅
Yanbian Gang Malware Continues with Wide-Scale Distribution and C2 Yanbian Gang |
| 2021-01-20
⋅
Team Cymru
⋅
MoqHao Part 1: Identifying Phishing Infrastructure MoqHao |
| 2020-06-25
⋅
Medium CSIS Techblog
⋅
The RoamingMantis Group’s Expansion to European Apple Accounts and Android Devices FakeSpy FunkyBot MoqHao |
| 2020-02-27
⋅
Kaspersky Labs
⋅
Roaming Mantis, part V: Distributed in 2019 using SMiShing and enhanced anti-researcher techniques FunkyBot MoqHao Roaming Mantis |
| 2020-01-17
⋅
100 more behind cockroaches? MoqHao Emotet Predator The Thief |
| 2019-09-04
⋅
Fortinet
⋅
FunkyBot: A New Android Malware Family Targeting Japan FunkyBot |
| 2019-01-01
⋅
Kaspersky Labs
⋅
Roaming Mantis: an Anatomy of a DNS Hijacking Campaign MoqHao Roaming Mantis |
| 2018-11-26
⋅
Trend Micro
⋅
A Look into the Connection Between XLoader and FakeSpy, and Their Possible Ties With the Yanbian Gang FakeSpy MoqHao |
| 2018-11-26
⋅
Trend Micro
⋅
Examining XLoader, FakeSpy, and the Yanbian Gang FakeSpy MoqHao Yanbian Gang |
| 2018-06-19
⋅
Trend Micro
⋅
FakeSpy Targets Japanese and Korean-Speaking Users FakeSpy Yanbian Gang |
| 2018-04-20
⋅
Trend Micro
⋅
XLoader Android Spyware and Banking Trojan Distributed via DNS Spoofing MoqHao Yanbian Gang |
| 2015-02-12
⋅
Trend Micro
⋅
Mobile Malware Gang Steals Millions from South Korean Users Yanbian Gang |