Symbol: apk.badbazaar

badbazaar

Actor(s): APT15


BadBazaar is a type of malware primarily functioning as a banking Trojan. Designed to compromise Android devices, it is often distributed through malicious apps downloaded from unofficial app stores or third-party websites. Once installed, BadBazaar seeks to steal financial information and login credentials by intercepting SMS messages, performing screen recordings, and logging keystrokes on the device. Additionally, it can execute remote commands and download and install other malicious applications, further compromising the security of the affected device.

References
2023-01-22 | Lookout | Alemdar Islamoglu, Justin Albrecht, Kristina Balaam, Ruohan Xiong
BadBazaar: iOS and Android Surveillanceware by China’s APT15 Used to Target Tibetans and Uyghurs

There is no Yara-Signature yet.