Press ESC to close

Hackers Target Job Seekers with AppLite Trojan Using Fake Job Emails

Attribute Details
Threat Actors Unnamed threat actors posing as recruiters/HR teams from reputable companies
Campaign Overview Sophisticated phishing campaign targeting job seekers via fake job offer emails and malicious apps
Target Regions Global, primarily targeting Android users seeking job opportunities
Methodology Phishing emails with fake job offers; malicious CRM apps used as droppers for banking trojans
Product Targeted Android devices, banking apps, cryptocurrency wallets
Malware Reference AppLite (variant of Antidot banking trojan)
Tools Used Obfuscation, dynamic behavior, command-and-control updates, malicious dropper apps
Vulnerabilities Exploited Abuse of Android Accessibility Services, two-factor authentication bypass
TTPs SMS interception, keylogging, screenshot capture, control over camera/microphone, evasion tactics
Attribution Research by Zimperium zLabs, Vishnu Pratapagiri; earlier context by Cyble researchers
Recommendations Avoid unknown app sources, verify email authenticity, update devices, enable strong security protocols
Source  Hackread

Read full article: https://hackread.com/hackers-job-seekers-banking-trojan-fake-job-emails/

Disclaimer: The above summary has been generated by an AI language model

Leave a Reply

Your email address will not be published. Required fields are marked *