Russian police take down malware gang that infected 800,000+ Android smartphones
Russian authorities have arrested members of the TipTop cybercrime group, believed to have infected more than 800,000 Android smartphones with malware since 2015.
The group operated by renting Android banking trojans from underground hacking forums, which they later hid inside Android apps distributed via search engine ads and third-party app stores.
TipTop has been active since 2015, and operators have been making between $1,500 and $10,500 in daily profits, according to Group-IB, the cyber-security firm who helped Russian authorities track down the gang's members.
TIPTOP PRIMARILY USED HQWAR BANKING TROJAN
The group's favorite malware was the Hqwar (Agent.BID) banking trojan, which they rented and used in most of their campaigns.
Hqwar is capable of reading SMS messages, recording phone calls, and initiating USSD-requests. However, it's primary function is to show fake login screens on top of legitimate banking apps, and steal victims' login credentials.
No comments:
Post a Comment