We haven't heard much about Anubis in recent months. Anubis is the nasty Android-based banking Trojan that has made headlines on more than one occasion.
If history is any guide at all Anubis will soon be making headlines again. It's back and based on the findings from researchers at Lookout the hackers controlling the malware mean business.
Anubis has been around since at least 2016 when its source code appeared on a variety of Russian hacking forums. Some open-source projects don't get much love but Anubis has received regular updates that have kept it current and made it more dangerous than ever. Although it's been a while since the malware was used in a major campaign there are warning signs that things are about to change.
As an example, in 2019 a copy of Anubis was found embedded in an app in the Google Play Store with a not quite functional ransomware module. It was probably placed there as a test. In 2020 Anubis briefly resurfaced courtesy of a large-scale phishing campaign that targeted more than 250 shopping and banking apps.
The Lookout researchers were able to grab a copy of the malware they found circulating in the wild. Based on their findings the newly enhanced malware will be used in a large-scale campaign that will target nearly 300 apps.
Additionally, its latest improvements leave it with the following capabilities:
- Recording screen activity and sound from the microphone
- Implementing a SOCKS5 proxy for covert communication and package delivery
- Capturing screenshots
- Sending mass SMS messages from the device to specific recipients
- Retrieving contacts stored on the device
- Sending, reading, deleting, and blocking notifications for SMS messages received by the device
- Scanning the device for files of interest to exfiltrate
- Locking the device screen and displaying a persistent ransom note
- Submitting USSD code requests to query bank balances
- Capturing GPS data and pedometer statistics
- Implementing a keylogger to steal credentials
- Monitoring active apps to mimic and perform overlay attacks
- Stopping malicious functionality and removing the malware from the device
In other words, Anubis appears to be back from the dead and the coming months will probably be interesting as if we needed that!
________________________________________________________________________________________________________
STOP OVERPAYING for CABLE and Netflix!
TeQ I.Q. Service works on "Apple, Android, Roku, Amazon, Computers, and more"
"We Now have TeQ I.Q. VOD+(Video On Demand) The Best VOD Service!
"If you have Netflix or any other VOD Service you should switch to TeQ I.Q. VOD+ Service"
It is better than Netflix with 5 Connections and 4K and 3D included. Better than all other VOD services with Over 30,000 Movies, including New In Theatre Movies, Over 10,000 TV Series and growing. TeQ I.Q. VOD+ adds Movies and TV Series on Request.
Check out our TeQ I.Q. Services at https://www.teqiq.com/tv
We are giving a Free in Person TeQ Seminar at our office in La Mesa every Wednesday from 12pm-1pm and a Free TeQ Support Q&A from 1pm-2pm. Go to https://www.teqiq.com/events for our upcoming Events and https://www.teqiq.com/seminars for info on each Seminar.
For Free Consultation Call Now Robert Black at (619) 255-4180 or visit our website https://www.teqiq.com/
Chase Bank and Others Trust TeQ I.Q. with their IT and TeQnology so can you!
