RedAlert 2 is a new Android malware used by an attacker to gain access to the login credentials of various e-banking apps. The malware works by overlaying a login screen with a fake display that sends the entered credentials to a C2 server.
The malware can also block incoming calls from banks to prevent the victim from being notified.
As a distribution vector, RedAlert 2 uses third-party app stores and imitates real Android apps such as Viber and WhatsApp, or poses as fake Adobe Flash Player updates.
2017-09-20 ⋅ Trend Micro ⋅ Red Alert 2.0 Android Trojan Spreads Via Third Party App Stores
2017-09 ⋅ ThreatFabric ⋅ New Android trojan targeting over 60 banks and social apps
There is no YARA signature yet.