Cybersecurity researchers discovered a troubling surge in cyberattacks involving a fake banking app specifically crafted to target Android users using Telegram as the primary distribution channel. The fake app was engineered to closely mimic authentic banking apps, meticulously replicating user interface elements and official logos to instill false trust among unsuspecting users.
The app was disseminated through Telegram groups and channels, where adversaries exploited the platform's encrypted, anonymous nature to rapidly reach a wide, geographically diverse audience.
Once installed, the malware employs advanced evasion techniques: code obfuscation to hide its malicious logic, dynamic loading to minimize detection on app stores, and behavioral evasion that delays or modifies its actions when it senses it is running within an analysis environment or sandbox.
Beyond the threat to individual users who may suffer account takeover, credential theft, unauthorized transactions, and identity theft, such campaigns also pose a reputational risk to financial institutions, undermining customer confidence in digital banking services.
© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.