New GoldDigger Android trojan, a threat to the banking industry

October 11, 2023

The new GoldDigger Android trojan is the latest global threat to the banking sector.

This malware could allegedly infiltrate targeted bank accounts and exploit their users' information, ultimately resulting in financial loss. Moreover, although it currently targets Vietnam exclusively, the threat could expand its attacks across Asia, Europe, and South America.

The operation’s primary objective is to acquire critical user data, particularly banking app credentials, in order to drain accounts. The trojan currently targets users of more than 50 Vietnamese banking apps, e-wallets, and crypto-wallets.

The GoldDigger Android trojan commonly comes from phishing emails.

According to investigations, the GoldDigger Android trojan is commonly delivered through phishing emails that redirect recipients to a fake Google Play page or an imitation of a well-known brand’s website. Once lured in, users are tricked into downloading a malicious Android app that impersonates a Vietnamese government portal or an energy company.

Once installed on a victim’s device, the trojan requests access to the Android Accessibility Service. This permission enables GoldDigger to monitor and manipulate various device functions stealthily.

Additionally, it can steal sensitive information such as banking app passwords, intercept SMS messages, and exfiltrate the stolen data to a remote C2 server. The malware’s creators also employ legitimate obfuscation tools to make reverse engineering harder and thwart threat analysis efforts.

Researchers also noted that the GoldDigger malware primarily focuses on targets in Vietnam. Still, the malware includes Spanish and traditional Chinese translations, indicating that its developers could expand soon.

Cybersecurity researchers encourage users to remain vigilant by updating their devices regularly. Users should also refrain from downloading applications from third-party sources or websites outside official app stores, such as the Google Play Store.

Users should also review the permissions requested by downloaded apps to limit an app’s access to the device. The new GoldDigger Android trojan is the latest threat resulting from malware developers’ constant development. Vigilance and caution remain our best defence against these malicious entities, since threat actors always wait to exploit unsuspecting targets.
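The two checks recommended above (avoid apps from outside official stores, review what access an app holds) can be combined into a device triage. The following is an added example, not code from the researchers or from this article: it cross-references the enabled Accessibility Services with each package's installer, using the text output of two standard `adb` commands. The trusted-installer list and the sample package names are assumptions constructed for illustration.

```python
import re

# Inputs: output of `adb shell settings get secure enabled_accessibility_services`
# and `adb shell pm list packages -i`. The trust list below is an assumption.
TRUSTED_INSTALLERS = {"com.android.vending"}  # Google Play
PKG_LINE = re.compile(r"^package:(\S+)(?:\s+installer=(\S+))?")


def parse_enabled_services(raw):
    """Map package -> service names from the colon-separated setting value."""
    services = {}
    for component in raw.strip().split(":"):
        package, sep, service = component.partition("/")
        if sep and package:  # skips "", "null" and malformed entries
            services.setdefault(package, []).append(service)
    return services


def parse_installers(raw):
    """Map package -> installer (None if none recorded) from `pm list packages -i`."""
    installers = {}
    for line in raw.splitlines():
        match = PKG_LINE.match(line.strip())
        if match:
            name, src = match.groups()
            installers[name] = None if src in (None, "null") else src
    return installers


def flag_sideloaded_accessibility(services_raw, packages_raw):
    """Return (package, installer, services) for services not from a trusted store."""
    installers = parse_installers(packages_raw)
    enabled = parse_enabled_services(services_raw)
    return [(pkg, installers.get(pkg), svcs) for pkg, svcs in sorted(enabled.items())
            if installers.get(pkg) not in TRUSTED_INSTALLERS]


# Constructed sample output, not taken from a real device or from GoldDigger itself.
SAMPLE_SERVICES = ("com.google.android.marvin.talkback/"
                   "com.google.android.marvin.talkback.TalkBackService"
                   ":com.example.fakeportal/.HelperService")
SAMPLE_PACKAGES = """\
package:com.google.android.marvin.talkback  installer=com.android.vending
package:com.example.fakeportal  installer=null
package:com.example.notes  installer=com.android.vending
"""

if __name__ == "__main__":
    for pkg, installer, svcs in flag_sideloaded_accessibility(SAMPLE_SERVICES, SAMPLE_PACKAGES):
        print(f"REVIEW {pkg} installer={installer} services={svcs}")
```

Preinstalled system apps also report no installer, so each finding is a prompt for manual review, not a verdict.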
