The Vultur banking trojan currently gathered around 100,000 downloads from Android users on Google Play Store. This banking trojan has effectively targeted Android users by hiding behind a fake utility app that has been downloaded numerous times.
The malicious entity has successfully bypassed the Google Play Store’s security features since it only used limited permissions and minimal footprint.
According to researchers, the Vultur operators used the app store since it could reach more victims because most of them are unaware or incompetent with the threats posed by malicious apps.
Moreover, the threat actors could commit more fraud if they could infect people with substantial funds that can be accessed.
In some instances, even the more experienced user could fall victim to these malicious utility apps since it comes from a trustworthy source. Therefore, researchers and analysts have a tough time dealing with these entities as most users will likely download the apps despite the numerous reminders given by experts.
The Vultur banking trojan became a formidable threat to many because of its ability to use advanced obfuscation and evasion strategies.
Researchers explained that the Vultur banking trojan uses advanced evasion tactics with file deletion, steganography, and code obfuscation after infiltrating a device. This Android Trojan is careful with its operation as it runs multiple checks first before downloading the malware.
Once Vultur has been downloaded and installed via a fake update, its operators can monitor everything that happens on the compromised devices and execute bank fraud through account takeover campaigns.
Experts emphasised that the Vultur developers have shown everyone how they improve their TTPs to remain obfuscated and out of reach from threat analysis. The trojan fully utilises the benefits of being inside the official app store. Hence, it could inflict more damage on Android users if it is available and accessible to most people.
Cybersecurity security experts remind everyone to be careful when downloading and installing any unnecessary application from any platform. Users should avoid apps that want privileges that do not make sense for what it offers.
