The Antidot Android banking trojan snoops on users and steals their credentials, contacts, and SMS messages.
May 17, 2024 By Ionut Arghire
Threat intelligence company Cyble is raising the alarm on a newly identified Android banking trojan that can steal users’ credentials and conversations, as well as snoop on them.
Dubbed Antidot and spotted in early May, the malware masquerades as a Google Play update and employs overlay attacks to harvest victims’ credentials.
The malware packs a broad range of capabilities, including VNC (Virtual Network Computing), a screen-sharing system that provides attackers with remote control over the infected device.
Furthermore, it can log keystrokes and record the screen, forward calls, collect contacts and SMS messages, lock and unlock the device, and perform USSD requests.