http://securityaffairs.co/wordpress/wp-content/uploads/2015/02/mobile-banking-devices-South-Korea-2.png
A Chinese hacking crew dubbed Yanbian Gang has siphoned data from mobile banking customers in South Korea during the past two years, according to a new report.
According to researchers at Trend Micro, the cybercriminals used fake banking apps having the same appearance (i.e. icons and user interface) of the legitimate mobile apps, to trick users. They also used other popular apps, such as utilities, chat, portal and security apps attract users into their scam and steal their mobile banking credentials.
These bogus mobile apps transferred stolen user information (i.e. mobile phone numbers, Bank account names, Bank account numbers, login credentials and Text messages) to the command and control servers.
The Yanbian Gang used several Android malware to infect mobile banking customers, none of the malware used by the gang was distributed through Google Play or third-party app stores. The Yanbian Gang has infected the victims by sending malicious text messages or downloading the malware component by other malicious code used to infect the mobile. The malware used by the Yanbian Gang was primarily remote access tools (RATs) that attackers used to gain complete control of the victims’ mobile device.
Full Article
