Avast threat researcher Nikolaos Chrysaidos tracks new version of malware that combines spyware, remote-access-Trojan malware, and banking Trojan malware
A new, three-pronged version of the ransomware known as the mobile WannaCry is targeting four major banks in Brazil, Avast threat researcher Nikolaos Chrysaidos has found.
This is a new version of WannaLocker, the WannaCry copycat for mobile, which bundles spyware, remote-access-Trojan (RAT) malware, and banking Trojan malware in one nasty ransomware package, according to Chrysaidos’ findings.
“We believe this is the first sighting of this new mobile version of WannaLocker” said Chrysaidos, a researcher who previously tracked banking Trojans on the Google Play store. “It harvests text information, call logs, phone number, and credit card information, and if it takes off it could be a very serious issue.”
WannaCry, a 2017 ransomware outbreak that swept the globe, was one of the decade’s worst cybersecurity threats.
Chrysaidos (pictured) said researchers don’t know how this new version of WannaLocker initially gets into phones, but suspects it could be through malicious links or third-party stores.
The banking Trojan works by showing users a fake interface and urging them to address an issue with their account by signing in. When they do, the malware collects a wide range of data, including the mobile manufacturer and other hardware information, call log, text messages, phone number, photos from front and back camera, contact list, GPS location, and microphone audio data. WannaLocker strains normally encrypt files on a mobile user’s external storage and demand a relatively small payment to release them. This version includes the design to do this and the message to show to the infected user, but appears to still be in development, Chrysaidos said.
Chrysaidos’ work and other related research can be found on apklab.io, a mobile threat intelligence platform (MTIP) designed to provide real-time intelligence for Android security researchers.
Apklab.io is the first platform of its kind to collect and make available intelligence from Avast’s global network of over 145 million mobile users to help researchers fight the growing threat of mobile malware.
An ease and familiarity with wide-ranging tech makes younger generations a bigger target for scams and malware.
Ever wonder if a loved one you’re sitting next to this year could be a cybercriminal? They’re probably not. But you can still familiarize yourself with the types of fraud that take place within the family, just in case.