The lethal trojan known as ‘Anubis’ made the news last year for its notorious ability to seep into Android devices, disguised as other downloads from the Google Play Store.
After the download, this trojan would ask for your permission to use the accessibility services of the device. Once that was granted, the malware would steal your login credentials for crucial payment options and e-wallets.
What is Anubis?
Anubis was planted through a “dropper” with the dexterity to pass through the security of Google Play and plant the malware under cover of genuine-looking apps.
BianLian was the one behind the scenes, pushing the malware onto numerous Android devices. Anubis was slyly disguised as popular, high-demand apps such as device cleaners, rate converters, currency converters, etc. ThreatFabric suggested that the malware would stay on the victim's device as long as possible. Infected applications continued to work on the backend with good ratings on the Google Play store.
Anubis: What, or Rather Who, Is BianLian?
According to the reports of the ThreatFabric researchers, BianLian refers to the ancient Chinese art form where an artist changes his/her face instantaneously. The research team also predicted well in advance that “while still dropping Anubis, [BianLian] was on the way to becoming a full-blown banking trojan itself.”
The bigger surprise is that BianLian is back at it all over again. Experts at Fortinet mention that the new malware is boosted with new tricks of the trade to hit mobile banking apps hard. This devil in disguise records screen activity and steals users' credentials. User accounts get blocked. The dirty business carries on without people noticing, leaving the devices useless.
How does BianLian work?
Once BianLian gains consent to use the accessibility services of your device, it is all set to hit its target. A masking module documents the financial details of the users. As the ancient legacy suggests, BianLian is a master of disguise. It hides from every possible detection, seeping in through the security of Google Play to target end users.
One can find a list of the apps targeted by BianLian here. Fortinet’s expert Dario Durando sounded a word of caution. BianLian
to be more treacherous and
still seems to be under active development,
puts it on a par with the other big players in the banking malware space.
Kaspersky also mentioned that mobile app attacks increased drastically, by almost three times, in 2018. At such an alarming rate, things will become even worse in the coming times. All eyes are on Google to look into such malware breaches.
The next time you download a new app, beware! Maybe someone is indeed watching you!