ThreatFabric researchers have discovered the novel Android banking malware dubbed "Octo", which could facilitate on-device fraud, reports BleepingComputer.
Octo is based on the ExoCompact malware but has evolved to include an advanced remote access module that lets attackers remotely control infected Android devices. According to the report, remote Octo sessions are concealed from the victim with a black screen overlay, the screen brightness set to zero, and the "no interruption" mode, which disables all notifications. Behind that cover, Octo can perform screen taps, paste data, alter the clipboard, perform gestures, type text, and scroll.
Octo also includes a keylogger that can track and capture all of the victim's actions, including websites opened, focus- and text-change events, clicks and the elements clicked, and PINs entered, the researchers said. The researchers also identified various commands supported by the malware, including blocking push notifications, intercepting SMS messages, muting sound and temporarily locking the screen, launching a specific application, updating the C2 server list, opening a specific URL, and sending SMS messages to specified phone numbers.
Octo is being offered on various hacking forums by a threat actor dubbed "Architect," who, given the significant similarities between the two malware strains, may be either the author of ExoCompact or the new owner of its source code.
This week, Dr. Doug raves about: 'The Orgy of the Walking Dead' or Elon is controlling my brain, Schoolyard Bully, Redigo, DuckLogs, DoD alphabet soup, Sirius XM, pixel tracking, TSA, single sign-on rants, and more on the Security Weekly News!
Novel DuckLogs malware-as-a-service detailed

More than 6,000 victims have been compromised by the new DuckLogs malware-as-a-service operation, whose platform is being used by over 2,000 cybercriminals, according to BleepingComputer.
BleepingComputer reports that Redis servers that remain unpatched against CVE-2022-0543 are being compromised with the novel Go-based Redigo malware, which is not yet detected by the antivirus engines on VirusTotal.