September 25, 2024 By Pierluigi Paganini
A new version of the Android banking trojan Octo, called Octo2, supports improved features that allow to takeover infected devices.
ThreatFabric researchers discovered a new version of the Android banking trojan Octo, called Octo2, that supports more advanced remote action capabilities needed for Device Takeover attacks.
The new malware has already targeted users in European countries, including Italy, Poland, Moldova, and Hungary.
Octo2 is linked to the Exobot malware, first identified in 2016, which also gave rise to another variant called Coper in 2021.
In 2024, the Octo’s source code was leaked online, allowing other threat actors to create their own version. This leak likely prompted the original threat actor’s release of a new version, Octo2.
