Track Common Adversary Tasks Performed Using Asacub

 







To know more about it, you can go through my detailed document by clicking here





Overview

Asacub is a banking trojan and, like other banking trojans, it steals money from the victim's bank account via SMS messages sent from already compromised devices. It was first recognized in 2015 and has been targeting Android users since then. Although it generally targets Russia, there is evidence that it also targets banks in various other countries such as the USA, Poland, the Czech Republic, Ukraine, etc.

How Does It Spread?

The threat actors behind Asacub disguise their creation as an MMS or SMS application with generic names like 'Message', 'Avito Offer', 'Photo', 'SMS Message', etc., and urge users to download an '.APK' file in order to view its content. That file always contains the payload of the Asacub banking trojan. If users fall for it, the threat actors can easily perform their malicious activities; even if users do not fall into the trap, the bogus application continues to spam the device until they agree. The Asacub Trojan can:
  • Collect data from the contacts list.
  • Read the text messages of the user.
  • Send text messages.
  • Stop the activity of any anti-malware apps present in the device.
  • Halt the activity of any banking apps present in the device.
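
A defender-side triage sketch for the capabilities and lure names listed above, added here as an example and not taken from the original post: it reads a decoded AndroidManifest.xml (for instance, as produced by apktool) and flags apps that request the contacts and SMS permissions behind those capabilities under one of the generic names. The permission mapping, the function name `triage_manifest` and the sample manifests are assumptions constructed for illustration; legitimate messaging apps request the same permissions, so a match means "review", not a confirmed detection.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
# Capabilities listed above, mapped to the standard Android permissions an app
# must request to perform them (the mapping is this example's assumption).
CAPABILITY_PERMS = {
    "collect contacts": {"android.permission.READ_CONTACTS"},
    "read text messages": {"android.permission.READ_SMS",
                           "android.permission.RECEIVE_SMS"},
    "send text messages": {"android.permission.SEND_SMS"},
}
LURE_LABELS = {"message", "avito offer", "photo", "sms message"}  # names quoted above


def triage_manifest(manifest_xml):
    """Return (capabilities, lure_label, verdict) for a decoded AndroidManifest.xml."""
    root = ET.fromstring(manifest_xml)
    requested = {el.get(ANDROID_NS + "name", "") for el in root.iter()
                 if el.tag in ("uses-permission", "uses-permission-sdk-23")}
    caps = sorted(c for c, perms in CAPABILITY_PERMS.items() if perms & requested)
    app = root.find("application")
    # A label given as a resource reference (@string/...) is not resolved here,
    # so it never counts as a lure-name match.
    label = app.get(ANDROID_NS + "label", "") if app is not None else ""
    lure = label.strip().lower() in LURE_LABELS
    if len(caps) == len(CAPABILITY_PERMS):
        verdict = "review: high" if lure else "review: medium"
    elif lure and caps:
        verdict = "review: medium"
    else:
        verdict = "no match"  # a generic name alone is not a signal
    return caps, lure, verdict


MANIFEST_HEAD = '<manifest xmlns:android="http://schemas.android.com/apk/res/android">'
# Constructed sample: generic name plus all three capabilities.
SUSPICIOUS = MANIFEST_HEAD + """
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <application android:label="Photo"/>
</manifest>"""
# Constructed sample: same generic name, no SMS or contacts access.
GALLERY = MANIFEST_HEAD + """
  <uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE"/>
  <application android:label="Photo"/>
</manifest>"""

if __name__ == "__main__":
    for name, xml in (("suspicious", SUSPICIOUS), ("gallery", GALLERY)):
        print(name, triage_manifest(xml))
```
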

Remedy

The most feasible way to protect a device from Asacub is to use a robust antivirus that is capable of detecting as well as blocking all existing versions of it. However, if you prefer to use a free version of an antivirus, you have to run manual scans regularly to prevent any kind of infection.






















