Russian users are attacked by the banking Trojan Asacub

Infection occurs in the event that the owner of the smartphone allowed in the settings of the installation of unknown sources.

Since the end of August this year in Russia there is a large-scale campaign to infect Android-smartphones users with mobile banking Trojan Asacub. According to Kaspersky Lab, about 40,000 users are becoming victims of the Trojan every day. The malware is spread by phishing SMS messages with the suggestion to view photos or MMS at the specified link. When you go to the appropriate site and click on the download button, the device downloads malicious software.

As a rule, the Trojan is disguised as applications for working with MMS or popular services of free ads. Infection occurs if the owner of the smartphone has allowed installation of unknown sources from the settings. Next, the malware will request administrator privileges and access to the Accessibility Service.

Asacub can steal money from a credit card linked to the phone number by sending SMS messages to transfer funds to another account by card or mobile phone number. The victim will not be able to check the balance through the mobile bank or change the settings, because Asacub does not allow you to open the bank application on the device.

Among other things, the malicious user can send information about the infected device and contacts list to their operators, call the numbers indicated by the attackers, close applications (usually antivirus programs and bank applications), read and send SMS messages, etc.

The largest number of infections was recorded in Russia (98%), the list of affected countries also included Ukraine, Turkey, Germany, Belarus, Poland Armenia, Kazakhstan, USA, etc.

Leave a Reply