Updated July 18, 2019
The Riltok Bang Trojan Bank, originally designed to attack Russia,
European market is determined after correction.
Malware has recently changed 4% of traffic
France and the lowest percentage of Italians, Ukrainians and Britons
while 90% of the victims are in Russia, data from June 25 show
Kaspersky Blog [
Riltok transmits infected machines by SMS, pretending to be
List of recipes for advertising in popular Russian services. Victims usually get it
SMS and malicious links to the site
It seems to be a popular advertising agency.
You are asked to take a new type of cell phone.
Which is really a trojan. If you want to install a fake program, you have to sacrifice it
Allows the installation of programs from unknown sources on the device
Raltock asked users to use its special features
If the user rejects or rejects the request,
After sending Windows, unlimited views were observed.
Trojans were installed after hackers received the necessary rights
The default message page (click Yes)
Access the page) before filtering the device.
After the device becomes infected, the computer actively communicates with its owner.
Server and server control and receive various commands.
The researchers found that malware sends information about the device
IMEI, phone number, country, telephone holder, telephone model,
Determine source intensity, operating system type, contact list, menu
SMS to SMS
The deposits in the malware library are:
* Get a C&C criminal address
* Online and C&C technology search configuration files with technology list
* Find the name of the software package that changed the list of bank / antivirus / other popular programs
* Creates malware when the SMS system is developing
* Find the title of the SMS page etc. and open it when the program opens
The researchers suggested that workers should not be monitored to avoid infection
I don’t know how to send the link via SMS. The software was only installed on official sources
Check the license for this problem.