Symbol: apk.redalert2

RedAlert2


RedAlert 2 is a new Android malware family used by an attacker to gain access to login credentials of various e-banking apps. The malware works by overlaying a login screen with a fake display that sends the credentials to a C2 server.
The malware can also block incoming calls from banks, to prevent the victim from being notified.
As a distribution vector, RedAlert 2 uses third-party app stores and imitates real Android apps like Viber and WhatsApp, or poses as a fake Adobe Flash Player update.

References
2017-09-20, Trend Micro: "Red Alert 2.0 Android Trojan Spreads Via Third Party App Stores". https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/red-alert-2-0-android-trojan-spreads-via-third-party-app-stores (accessed 2020-01-08)

2017-09, ThreatFabric, Cengiz Han Sahin and Wesley Gahr: "New Android trojan targeting over 60 banks and social apps". https://www.threatfabric.com/blogs/new_android_trojan_targeting_over_60_banks_and_social_apps.html (accessed 2020-01-06)

There is no Yara-Signature yet.