A new banking trojan named Nexus distributed on cybercrime forums, Ability to affect at least 450 financial apps on Android. The warning was issued by cybersecurity firm Cleafy on Tuesday (21).
According to the report, the malware provides the essential tools needed for targeted attacks on banking and cryptocurrency services. credential theft and SMS tampering. It can also read two-factor authentication (2FA) codes sent via text message and Google Authenticator.
Those responsible for detecting the malware claim that it exploits the mechanisms of other similar viruses, such as SOVA, which use the same source code as it. It will also contain a ransomware module that is currently in development, which could make it even more dangerous.
There are indications that it is. Nexus banking trojan It is currently used in many fraud campaigns, especially in Turkey, and this reinforces the need for extra care when downloading applications for Android. Data were also found showing the use of malware in attacks carried out in the middle of last year.
On sale for $3,000
HE Trojan that compromises financial apps on Android It is offered on forums on the dark web through a subscription service that costs $3,000 per month, equivalent to R$15,800 at the price of the day. Subscribers have access to all mechanisms made available by malware to carry out cyberattacks.
But the Nexus developers have set some rules for anyone interested in the subscription. One of the norms forbids the use of Nexus in attacks with targets in countries such as Russia, Kazakhstan, Azerbaijan, Moldova, Belarus, Indonesia and Ukraine, among others.
Source: Tec Mundo
I am a passionate and hardworking journalist with an eye for detail. I specialize in the field of news reporting, and have been writing for Gadget Onus, a renowned online news site, since 2019. As the author of their Hot News section, I’m proud to be at the forefront of today’s headlines and current affairs.