Android Users Beware: MysteryBot Trojan Can Encrypt Your Files


Security researchers have spotted another dangerous threat aimed at mobile users. The MysteryBot Android Trojan is the latest offensive tactic against mobile devices, and it is being launched on a global scale. It is rated as a critical threat because it can lead to dangerous system modifications, many of them involving the security and privacy of the device owners.

MysteryBot Android Trojan Revealed: Methods of Infection

The MysteryBot Android Trojan was discovered following a recent investigation of a malicious dropper that was initially used to infect targets with the GandCrab ransomware. Apparently the droppers were part of a botnet that can be customized to deliver a wide range of computer threats: desktop viruses, ransomware, Trojans and mobile malware. The research shows that it is being used by criminal groups that are known to leverage all kinds of threats against their intended victims.

The analysis shows that the same hacker-controlled servers that power MysteryBot are responsible for the LokiBot banking Trojan. This may mean that both are being operated by the same criminal collective.

Botnets usually send out bulk email SPAM messages that use various social engineering tactics to coerce the victims into interacting with the dangerous elements. These elements are usually either attached directly to the messages or hyperlinked in the body contents. This particular email SPAM wave may use text and graphics taken from popular software companies or services in order to make recipients download the infected files. The campaign seems to deliver two counterfeit versions of the Adobe Flash Player.

MysteryBot Android Trojan Capabilities

Once the MysteryBot Android Trojan has infected the target devices it can immediately execute one of the built-in commands. The security researchers have been able to harvest a list (Read more...)

*** This is a Security Bloggers Network syndicated blog from How to, Technology and PC Security Forum authored by Martin Beltov. Read the original post at: