in , ,

Riltok’s global banking Trojan is invading Europe

darknet Riltok's global banking Trojan is invading Europe
Darknet Riltok's global banking Trojan is invading Europe

Updated July 18, 2019

Originally created for Russia, Trojan Bank and Trojan
After the exchange, place the key in European market.

Recently, the virus has been infecting a quarter of its vehicle
France, Italy, Ukraine and the United Kingdom have the lowest.
As of June 25, 90 percent of the victims were in Russia
Kaspersky Blog [

For example, send a phone number to another number sent via SMS from a transmission device. . Low
Judgment for popular advertising in Russian. Victims are widely accepted
SMS with bad link on fake page
Looks like this popular ad was created by an advertiser.

You will then be prompted to download a new version of the mobile application,
This is actually a Trojan. You have to be the victim of a fake software installation
Allows you to manage applications from unknown sources on your device
Industry.

Realtock asks the user for permission to use certain services
If the access service and the user forget the request,
The ad will definitely inspire the ad.

Once the malware has received the required permission, update the Trojan
As a standard SMS (click Yes
Recovery service before deleting the tool icon).

If the device is infected, there is malware in communication
Server server both controls and receives multiple commands.

The researchers found that the malware contained information about the device.
IMEI, phone number, country, operator, phone model,
Availability of basic privileges, operating system version, serial number, list
Install the app and unsolicited text messages.

Some malware library activities include:

* Find the address of the C&C server of cyber criminals
* Buy a list of C&C cold injection files and antiques online
* See the name of the software package that triggered the incident in the list of banks / antivirus programs / other popular
programs.
* Identify the malware as a small SMS
* Find the address of the spyware page that opens during operation.

Researchers advise clients not to stick to infectious diseases
Remote messages are sent via SMS, install the tool from the root directory
Make sure everything is allowed during installation.

Comments

Leave a Reply

avatar
  Subscribe  
Notify of

Loading…

0

Comments

0 comments

darknet Six arrested for engaging in a $ 27.3 million cryptocurrency attack

Six arrested for engaging in a $ 27.3 million cryptocurrency attack

darknet The incident of home failure is punishable by 20 years in prison

The incident of home failure is punishable by 20 years in prison