SYMBOLCOMMON_NAMEaka. SYNONYMS
apk.alien (Back to overview)

Alien

aka: AlienBot

According to ThreatFabric, this is a fork of Cerberus v1 (active January 2020+). Alien is a rented banking trojan that can remotely control a phone and achieves RAT functionality by abusing TeamViewer.

References
2022-12-15Check Point ResearchCheck Point Research
@online{research:20221215:mobile:b80bb77, author = {Check Point Research}, title = {{Mobile #AlienBot malware starts utilizing an incorporated DGA module}}, date = {2022-12-15}, organization = {Check Point Research}, url = {https://twitter.com/_CPResearch_/status/1603375823448317953}, language = {English}, urldate = {2023-01-05} } Mobile #AlienBot malware starts utilizing an incorporated DGA module
Alien
2022-11-25ResecurityResecurity
@online{resecurity:20221125:in:8e040c2, author = {Resecurity}, title = {{"In The Box" - Mobile Malware Webinjects Marketplace}}, date = {2022-11-25}, organization = {Resecurity}, url = {https://resecurity.com/blog/article/in-the-box-mobile-malware-webinjects-marketplace}, language = {English}, urldate = {2022-12-07} } "In The Box" - Mobile Malware Webinjects Marketplace
Alien Cerberus Coper ERMAC Hydra
2022-09-25Github (muha2xmad)Muhammad Hasan Ali
@online{ali:20220925:technical:1bd1947, author = {Muhammad Hasan Ali}, title = {{Technical analysis of Alien android malware}}, date = {2022-09-25}, organization = {Github (muha2xmad)}, url = {https://muha2xmad.github.io/malware-analysis/alien/}, language = {English}, urldate = {2022-09-26} } Technical analysis of Alien android malware
Alien
2022-05-22Bleeping ComputerSergiu Gatlan
@online{gatlan:20220522:google:d2a26d5, author = {Sergiu Gatlan}, title = {{Google: Predator spyware infected Android devices using zero-days}}, date = {2022-05-22}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/google-predator-spyware-infected-android-devices-using-zero-days/}, language = {English}, urldate = {2022-05-24} } Google: Predator spyware infected Android devices using zero-days
Alien Chrysaor
2022-04-12Check PointCheck Point Research
@online{research:20220412:march:2c56dc6, author = {Check Point Research}, title = {{March 2022’s Most Wanted Malware: Easter Phishing Scams Help Emotet Assert its Dominance}}, date = {2022-04-12}, organization = {Check Point}, url = {https://www.checkpoint.com/press/2022/march-2022s-most-wanted-malware-easter-phishing-scams-help-emotet-assert-its-dominance/}, language = {English}, urldate = {2022-04-20} } March 2022’s Most Wanted Malware: Easter Phishing Scams Help Emotet Assert its Dominance
Alien FluBot Agent Tesla Emotet
2021-11-13ZAYOTEMHalil Filik, Mustafa Günel
@online{filik:20211113:alien:55f533e, author = {Halil Filik and Mustafa Günel}, title = {{Alien Technical Analysis Report}}, date = {2021-11-13}, organization = {ZAYOTEM}, url = {https://drive.google.com/file/d/1qd7Nqjhe2vyGZ5bGm6gVw0mM1D6YDolu/view?usp=sharing}, language = {English}, urldate = {2022-01-05} } Alien Technical Analysis Report
Alien
2021-11ThreatFabricThreatFabric
@online{threatfabric:202111:deceive:ec55fb1, author = {ThreatFabric}, title = {{Deceive the Heavens to Cross the sea}}, date = {2021-11}, organization = {ThreatFabric}, url = {https://www.threatfabric.com/blogs/deceive-the-heavens-to-cross-the-sea.html}, language = {English}, urldate = {2021-12-07} } Deceive the Heavens to Cross the sea
Alien Anatsa Hydra
2021-05-04PhishLabsJessica Ellis
@online{ellis:20210504:alien:3773dbb, author = {Jessica Ellis}, title = {{Alien Mobile Malware Evades Detection, Increases Targets}}, date = {2021-05-04}, organization = {PhishLabs}, url = {https://info.phishlabs.com/blog/alien-mobile-malware-evades-detection-increases-targets}, language = {English}, urldate = {2021-05-07} } Alien Mobile Malware Evades Detection, Increases Targets
Alien
2021-03-09Check Point ResearchAviran Hazum, Bohdan Melnykov, Israel Wernik
@online{hazum:20210309:clast82:8a3878c, author = {Aviran Hazum and Bohdan Melnykov and Israel Wernik}, title = {{Clast82 – A new Dropper on Google Play Dropping the AlienBot Banker and MRAT}}, date = {2021-03-09}, organization = {Check Point Research}, url = {https://research.checkpoint.com/2021/clast82-a-new-dropper-on-google-play-dropping-the-alienbot-banker-and-mrat/}, language = {English}, urldate = {2021-03-11} } Clast82 – A new Dropper on Google Play Dropping the AlienBot Banker and MRAT
Alien
2020-11-15PRODAFT Threat IntelligencePRODAFT
@techreport{prodaft:20201115:brunhilda:a15b197, author = {PRODAFT}, title = {{BRUNHILDA - DaaS Malware Analysis Report}}, date = {2020-11-15}, institution = {PRODAFT Threat Intelligence}, url = {https://www.prodaft.com/m/reports/BrunHilda_DaaS.pdf}, language = {English}, urldate = {2022-03-22} } BRUNHILDA - DaaS Malware Analysis Report
Alien Brunhilda
2020-09-29The Missing ReportNorman Gutiérrez
@online{gutirrez:20200929:cerberus:91f4508, author = {Norman Gutiérrez}, title = {{Cerberus and Alien: the malware that has put Android in a tight spot}}, date = {2020-09-29}, organization = {The Missing Report}, url = {https://preyproject.com/blog/en/cerberus-and-alien-the-malware-that-has-put-android-in-a-tight-spot/}, language = {English}, urldate = {2021-07-20} } Cerberus and Alien: the malware that has put Android in a tight spot
Alien Cerberus
2020-09-24ThreatFabricThreatFabric
@online{threatfabric:20200924:alien:27ccc74, author = {ThreatFabric}, title = {{Alien - the story of Cerberus' demise}}, date = {2020-09-24}, organization = {ThreatFabric}, url = {https://www.threatfabric.com/blogs/alien_the_story_of_cerberus_demise.html}, language = {English}, urldate = {2020-09-25} } Alien - the story of Cerberus' demise
Alien Cerberus

There is no Yara-Signature yet.