An Android banking virus that allows its operators to commit on-device fraud has been discovered by Threat Fabric security researchers.
The botnet, dubbed Octo, was initially referenced on dark web forums in January 2022, but an investigation of its code revealed a tight relationship with ExobotCompact, which is thought to be the successor to the Exobot Android Trojan, which was based on the Marcher Trojan’s source code.
Exobot was used in a number of financial institution assaults in Australia, France, Germany, Japan, Thailand, and Turkey, and it was still active in 2018. ExobotCompact can load malicious payloads, has keylogging capabilities, can block notifications, and target applications with overlay attacks.
Read More: https://www.securityweek.com/octo-android-trojan-allows-cybercrooks-conduct-device-fraud