SYMBOL: apk.hydra

Hydra


Avira states that Hydra is an Android BankBot variant, a type of malware designed to steal banking credentials. It does this by requesting that the user enable dangerous permissions such as accessibility; then, every time the banking app is opened, the malware hijacks the user by overwriting the legitimate banking application's login page with a malicious one. The goal is the same: to trick the user into entering their login credentials so that they go straight to the malware authors.

References
2023-07-11 | Spamhaus | Spamhaus Malware Labs
@techreport{labs:20230711:spamhaus:4e2885e, author = {Spamhaus Malware Labs}, title = {{Spamhaus Botnet Threat Update Q2 2023}}, date = {2023-07-11}, institution = {Spamhaus}, url = {https://info.spamhaus.com/hubfs/Botnet%20Reports/2023%20Q2%20Botnet%20Threat%20Update.pdf}, language = {English}, urldate = {2023-07-22} } Spamhaus Botnet Threat Update Q2 2023
Hydra AsyncRAT Aurora Stealer Ave Maria BumbleBee Cobalt Strike DCRat Havoc IcedID ISFB NjRAT QakBot Quasar RAT RecordBreaker RedLine Stealer Remcos Rhadamanthys Sliver Tofsee
2022-11-25 | Resecurity | Resecurity
@online{resecurity:20221125:in:8e040c2, author = {Resecurity}, title = {{"In The Box" - Mobile Malware Webinjects Marketplace}}, date = {2022-11-25}, organization = {Resecurity}, url = {https://resecurity.com/blog/article/in-the-box-mobile-malware-webinjects-marketplace}, language = {English}, urldate = {2022-12-07} } "In The Box" - Mobile Malware Webinjects Marketplace
Alien Cerberus Coper ERMAC Hydra
2022-09-21 | Github (muha2xmad) | Muhammad Hasan Ali
@online{ali:20220921:technical:04911e9, author = {Muhammad Hasan Ali}, title = {{Technical analysis of Hydra android malware}}, date = {2022-09-21}, organization = {Github (muha2xmad)}, url = {https://muha2xmad.github.io/malware-analysis/hydra/}, language = {English}, urldate = {2022-09-21} } Technical analysis of Hydra android malware
Hydra Joker
2022-09-16 | muha2xmad | Muhammad Hasan Ali
@online{ali:20220916:tweets:b0293e1, author = {Muhammad Hasan Ali}, title = {{Tweets about Hydra android malware}}, date = {2022-09-16}, organization = {muha2xmad}, url = {https://twitter.com/muha2xmad/status/1570788983474638849}, language = {English}, urldate = {2022-09-19} } Tweets about Hydra android malware
Hydra
2022-06-13 | cyble | Cyble Research Labs
@online{labs:20220613:hydra:b8c7a23, author = {Cyble Research Labs}, title = {{Hydra Android Malware Distributed Via Play Store}}, date = {2022-06-13}, organization = {cyble}, url = {https://blog.cyble.com/2022/06/13/hydra-android-malware-distributed-via-play-store/}, language = {English}, urldate = {2022-06-15} } Hydra Android Malware Distributed Via Play Store
Hydra
2022-06-09 | Medium (Cryptax) | Axelle Apvrille
@online{apvrille:20220609:quick:0b409f4, author = {Axelle Apvrille}, title = {{Quick look into a new sample of Android/BianLian}}, date = {2022-06-09}, organization = {Medium (Cryptax)}, url = {https://cryptax.medium.com/quick-look-into-a-new-sample-of-android-bianlian-bc5619efa726}, language = {English}, urldate = {2022-08-15} } Quick look into a new sample of Android/BianLian
BianLian Hydra
2022-03-17 | Avira | Ionut Bucur, Avira Protection Labs
@online{bucur:20220317:avira:fe8909a, author = {Ionut Bucur and Avira Protection Labs}, title = {{Avira Labs Research Reveals Hydra Banking Trojan 2.0 targeting a wider network of German and Austrian banks}}, date = {2022-03-17}, organization = {Avira}, url = {https://www.avira.com/en/blog/avira-labs-research-reveals-hydra-banking-trojan-2-0}, language = {English}, urldate = {2022-03-17} } Avira Labs Research Reveals Hydra Banking Trojan 2.0 targeting a wider network of German and Austrian banks
Hydra
2022-01-25 | Medium (Cryptax) | Axelle Apvrille
@online{apvrille:20220125:bianlian:016e450, author = {Axelle Apvrille}, title = {{BianLian C&C domain name}}, date = {2022-01-25}, organization = {Medium (Cryptax)}, url = {https://cryptax.medium.com/bianlian-c-c-domain-name-4f226a29e221}, language = {English}, urldate = {2022-08-15} } BianLian C&C domain name
BianLian Hydra
2022-01-21 | Medium (Cryptax) | Axelle Apvrille
@online{apvrille:20220121:creating:9e6e3cf, author = {Axelle Apvrille}, title = {{Creating a safe dummy C&C to test Android bots}}, date = {2022-01-21}, organization = {Medium (Cryptax)}, url = {https://cryptax.medium.com/creating-a-safe-dummy-c-c-to-test-android-bots-ffa6e7a3dce5}, language = {English}, urldate = {2022-08-15} } Creating a safe dummy C&C to test Android bots
BianLian Hydra
2022-01-17 | Medium (Cryptax) | Axelle Apvrille
@online{apvrille:20220117:androidbianlian:f425de5, author = {Axelle Apvrille}, title = {{Android/BianLian payload}}, date = {2022-01-17}, organization = {Medium (Cryptax)}, url = {https://cryptax.medium.com/android-bianlian-payload-61febabed00a}, language = {English}, urldate = {2022-08-15} } Android/BianLian payload
BianLian Hydra
2021-11 | ThreatFabric | ThreatFabric
@online{threatfabric:202111:deceive:ec55fb1, author = {ThreatFabric}, title = {{Deceive the Heavens to Cross the sea}}, date = {2021-11}, organization = {ThreatFabric}, url = {https://www.threatfabric.com/blogs/deceive-the-heavens-to-cross-the-sea.html}, language = {English}, urldate = {2021-12-07} } Deceive the Heavens to Cross the sea
Alien Anatsa Hydra
2020-02 | ThreatFabric | ThreatFabric
@online{threatfabric:202002:2020:b875962, author = {ThreatFabric}, title = {{2020 - Year of the RAT}}, date = {2020-02}, organization = {ThreatFabric}, url = {https://www.threatfabric.com/blogs/2020_year_of_the_rat.html}, language = {English}, urldate = {2020-02-27} } 2020 - Year of the RAT
Anubis Cerberus Ginp Gustuff Hydra
2019-07-18 | Ahmet Bilal Can
@online{can:20190718:android:5097363, author = {Ahmet Bilal Can}, title = {{Android Malware Analysis : Dissecting Hydra Dropper}}, date = {2019-07-18}, url = {https://pentest.blog/android-malware-analysis-dissecting-hydra-dropper/}, language = {English}, urldate = {2019-12-05} } Android Malware Analysis : Dissecting Hydra Dropper
Hydra

There is no Yara-Signature yet.