If you have smart devices in the Android ecosystem, there's a new threat to be aware of in the form of a malware strain called Teabot. This bit of malicious code is a Remote Access Trojan or RAT for short. The group behind the code is making a big push to see it spread worldwide.
Researchers from Cleafy can confirm that the malware targets more than 400 different applications and the folk behind the code have begun to pivot away from their initial tactic of "smishing."
Smishing, if you're not familiar with the term, is a tactic used to compromise a mobile device via spam text messages that contain poisoned links. If a recipient clicks on one of these links, they're taken to a site controlled by the hackers and the malware is installed on the user's computer in the background.
This bit of code emerged near the beginning of 2021. Back then, in its earliest incarnations it was known as Toddler/Anatsa.
In its primitive form, it was distributed exclusively via smishing and only had a list of sixty lures. Granted they were big well-known lures like VLC Media player and DHL shipping but there were only sixty of them.
By July of last year, the owners of the malicious code had modified it to strike at dozens of banks based all over Europe. In the months that followed, at least 18 banks fell victim to Teabot attacks.
More recently, the malicious code has undergone additional changes. The malware has migrated from Europe spreading to Russia, the US, Hong Kong, and beyond. In addition to that, it's no longer targeting banks exclusively but cryptocurrency exchanges and digital insurance providers as well. Even worse is that in at least one case Teabot has managed to infiltrate official Android repositories via dropper apps.
In terms of how big a problem this is, here is how it goes. Once Teabot is installed on a target system it can primarily log keystrokes and take screenshots. Then it can exfiltrate them to the malware's controllers which means that in short order any site you log onto using your phone can quickly be compromised.
Stay vigilant out there. It's still early in the year and Teabot will certainly not be the last threat we face.
________________________________________________________________________________________________________
"Fortune Favors Who Value Time over Money!"
"TeQ I.Q. was the 1st IT Company to Deliver Cloud Solutions since 2003"
Tech issues taking up your Time?
"TeQ I.Q. Makes Your Technology Simple and Easy"
Do you have Tech Frustrations like your Computer, Internet, Phone, Cellphone, Camera, TV, Car?
"We Take Away Your Tech Frustrations and Give You the Free Time You Deserve!"
Call Robert to ask all your Technology questions.
We are giving a Free in Person TeQ Seminar at our office in La Mesa every Wednesday from 12pm-1pm and a Free TeQ Support Q&A from 1pm-2pm. Go to https://www.teqiq.com/events for our upcoming Events and https://www.teqiq.com/seminars for info on each Seminar.
For Free Consultation Call Now Robert Black at (619) 255-4180 or visit our website https://www.teqiq.com/
Chase Bank and Others Trust TeQ I.Q. with their IT and TeQnology so can you!
