Danger! Invisible Malware Stealing Your Banking Data: All You Need to Know

SoumniBot is a sophisticated piece of malware designed to attack Android devices and steal banking data, primarily focusing on clients in South Korea. This potent malware is a significant threat not only to Android devices globally but also to the personal information stored on them.

Eluding Detection and Analysis

SoumniBot uses refined techniques to avoid detection and analysis. By manipulating the manifest file inside the application package, it successfully deceives analysis tools. It sets an invalid compression method value on the manifest file entry, so that tools fail when they try to decompress it, and it falsely reports the size of the manifest file in the APK. Furthermore, it uses very long strings for XML namespace names in the manifest file.
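The first two manifest tricks above leave traces in the APK's ZIP metadata, which a defender can check before any XML parsing happens. The following script is an added example, not code from the article or from Kaspersky: it hand-assembles a minimal one-entry APK (so header fields can be set to arbitrary values) and then audits the AndroidManifest.xml entry for an invalid compression method and a misreported size. The constant names and the sample manifest bytes are constructed for this example.

```python
import io
import struct
import zipfile
import zlib

MANIFEST = "AndroidManifest.xml"
# Android's APK parser only handles these two methods; anything else is abnormal.
ANDROID_METHODS = {zipfile.ZIP_STORED, zipfile.ZIP_DEFLATED}
# Constructed stand-in for a manifest (real ones are binary XML); content is irrelevant here.
SAMPLE_MANIFEST = b"<manifest/>"


def build_apk(method: int, declared_size: int, payload: bytes = SAMPLE_MANIFEST) -> bytes:
    """Hand-assemble a one-entry ZIP so header fields can hold arbitrary,
    even invalid, values. Payload bytes are written raw (as if stored)."""
    name = MANIFEST.encode()
    crc = zlib.crc32(payload)
    # Local header: sig, version, flags, method, time, date, crc, csize, usize, nlen, xlen
    local = struct.pack("<IHHHHHIIIHH", 0x04034B50, 20, 0, method, 0, 0x21,
                        crc, len(payload), declared_size, len(name), 0) + name
    cd_offset = len(local) + len(payload)
    # Central directory entry mirrors the local header and points back to offset 0
    central = struct.pack("<IHHHHHHIIIHHHHHII", 0x02014B50, 20, 20, 0, method, 0, 0x21,
                          crc, len(payload), declared_size, len(name), 0, 0, 0, 0, 0, 0) + name
    eocd = struct.pack("<IHHHHIIH", 0x06054B50, 0, 0, 1, 1, len(central), cd_offset, 0)
    return local + payload + central + eocd


def audit_manifest(apk: bytes) -> list[str]:
    """Return findings for the manifest entry's ZIP metadata; empty means clean."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(apk)) as zf:
        try:
            zi = zf.getinfo(MANIFEST)
        except KeyError:
            return ["AndroidManifest.xml entry missing"]
        if zi.compress_type not in ANDROID_METHODS:
            findings.append(f"invalid compression method {zi.compress_type}")
        # A non-deflate entry is read as stored, so the declared uncompressed
        # size must equal the number of bytes actually present in the archive.
        if zi.compress_type != zipfile.ZIP_DEFLATED and zi.file_size != zi.compress_size:
            findings.append(f"manifest size misreported: declared {zi.file_size}, actual {zi.compress_size}")
    return findings


if __name__ == "__main__":
    for label, apk in [("clean", build_apk(0, len(SAMPLE_MANIFEST))),
                       ("bad method", build_apk(0x2B, len(SAMPLE_MANIFEST))),
                       ("inflated size", build_apk(0, 4096))]:
        print(label, "->", audit_manifest(apk) or "no findings")
```

The same audit_manifest function can be run on a real APK file's bytes; the third trick (overlong namespace strings) lives inside the binary XML and needs a separate manifest parser.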

Kaspersky’s Warnings

Kaspersky has flagged the issues that files using these evasion techniques cause for the APK Analyzer. Regretfully, no response or corrective action has been received as yet.

Information Collection Post Installation

Once installed, SoumniBot kicks into action by collecting information. It establishes a connection with its Command and Control server and then collects data such as the IP address, geolocation data, the list of installed apps, the mobile service provider, the phone number, contacts, accounts, and ringtone volume levels. Shockingly, it can also add and delete contacts, exfiltrate text messages, send text messages, exfiltrate photos and videos stored on the infected device, and switch between silent and debugging modes.

Signs and Prevention of SoumniBot

  • Detection: SoumniBot, despite its sophisticated techniques, is detectable. Signs of infection include slow device operation, unauthorized alterations to system settings, the emergence of suspicious apps, increased data usage, and rapid battery drain.
  • Prevention: The most effective solution against SoumniBot is prevention. It is recommended to use antivirus software specifically designed for Android devices.
