Track Common Adversary Tasks Performed Using Anubis

 





To know more about it, you can go through my detailed document by clicking here







Overview

Anubis is Android malware that was initially built for cyber espionage and is now used as a banking trojan. It aims to collect as much data about the victim as possible through SMS interception, keylogging, file exfiltration, screen monitoring, GPS data collection, etc., while abusing the device's accessibility services.

How Does It Work?

After launching successfully, the trojan immediately connects to the command and control server and automatically downloads an application to start a proxy. A fraudulent message then appears on the screen asking for Google Play Protect to be disabled, which gives the attacker full control. After these steps are complete, the threat actors can extract whatever information they want and corrupt the network environment. Their main targets are believed to be U.S. banks such as Bank of America, U.S. Bank, Capital One, Chase, SunTrust, Wells Fargo, etc.


Prevention:

To keep your devices from being infected with malware like this, follow these steps:
  • Don't open any kind of suspicious or irrelevant emails.

  • As such malware is often introduced via bogus forums, always use official and verified channels for downloading.

  • Don't use illegal activation tools or third-party updates.

  • Always install a reputable anti-virus/anti-spyware product and keep it updated.

  • Scan your device with legitimate anti-malware software to remove any malware infections.
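
One way to check a device for the combination described above (an app from an unofficial channel holding an accessibility service), as an added example that is not part of the original post. It assumes the two inputs were captured with `adb shell settings get secure enabled_accessibility_services` and `adb shell pm list packages -i`; every package name in the sample data is constructed.

```python
# Added example: flag apps that hold an enabled accessibility service but were
# not installed from a trusted store. A hit is a lead for review, not a verdict.
TRUSTED_INSTALLERS = {"com.android.vending"}  # Google Play Store

def parse_accessibility(raw):
    """Return the packages named in the enabled_accessibility_services value."""
    raw = raw.strip()
    if not raw or raw == "null":
        return set()
    # Value format: pkg/service.Class:pkg2/service.Class
    return {entry.split("/", 1)[0] for entry in raw.split(":") if entry}

def parse_installers(raw):
    """Map package -> installer package (None when unknown or sideloaded)."""
    installers = {}
    for line in raw.splitlines():
        line = line.strip()
        if not line.startswith("package:"):
            continue
        fields = line[len("package:"):].split()
        if not fields:
            continue
        installer = None
        for field in fields[1:]:
            if field.startswith("installer="):
                value = field[len("installer="):]
                installer = None if value in ("", "null") else value
        installers[fields[0]] = installer
    return installers

def flag_suspicious(accessibility_raw, packages_raw, allowlist=frozenset()):
    """Packages with an accessibility service and no trusted installer."""
    enabled = parse_accessibility(accessibility_raw)
    installers = parse_installers(packages_raw)
    return sorted(pkg for pkg in enabled
                  if pkg not in allowlist
                  and installers.get(pkg) not in TRUSTED_INSTALLERS)

# Constructed sample captures (not taken from a real device).
SAMPLE_ACCESSIBILITY = ("com.example.screenreader/com.example.screenreader.ReaderService:"
                        "com.example.flashupdate/com.example.flashupdate.CoreService")
SAMPLE_PACKAGES = """\
package:com.example.screenreader  installer=com.android.vending
package:com.example.flashupdate  installer=null
package:com.example.notes  installer=com.android.vending
"""

if __name__ == "__main__":
    print(flag_suspicious(SAMPLE_ACCESSIBILITY, SAMPLE_PACKAGES))
```

Preinstalled system apps also report no installer, so pass known vendor accessibility packages in `allowlist` to keep them out of the results.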












