Banking Trojans for Android Infect Over 200,000 Users - How to, Technology and PC Security Forum |

Banking Trojans for Android Infect Over 200,000 Users

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)

android-trojan-spylockerResearchers have reported that Android phones have been infected in a massive redistribution campaigns of banking malware for the mobile OS. Experts at Avast have reported that the malware is an evolved version of what is known as GM Bot – a banking trojan first detected in the year 2014.

GM Bot Of Russian Origins

When the mobile malware has first been detected it has been reported to be very successful due to it’s source code created by a dark net developer going by the nickname Ganjaman.

The developer did create a very nasty piece of malware indeed, but he did not develop methods to make the malware convenient in order to sell it on the black malware and since the profits were likely low, the virus was released for free along with it’s source code.

Ganjaman Behind New Banking Trojan

The dev of this malware did not stop there, however. In fact, new iteration of the malware was later released giving the opportunity to once more generate income from this nasty malware.

The second version, also known as GM Bot v2, was also known for it’s many improvement but the creator still did not provide any support, resulting in his band from deep web marketplaces.

GM Bot however, has gained a lot of popularity exactly because of how dangerous it was. But besides the ones who are directly involved in development of Android who started learning about GM Bot, the malware has also become very popular amongst malware writers as well, resulting in numerous variants of it released in the deep web.

Not only this, but the methods of how GM Bot infects have also changed, using social engineering to extract personally identifiable information, like a photo of the personal ID card or a selfie next to the ID.

GM Bot Now Infects on Android 6.0 and Newer

The cyber-criminals behind GM Bot are very creative when it comes to infecting newer Android devices. They may insert the malicious code containing the GM Bot virus inside a completely legitimate application behind a web player or a plugin, like Flash, for example. Common way to get infected is also by downloading non-confirmed applications from third-party websites as well.

This has created an opportunity for the developer who has generated revenue selling the banking trojan for Android devices which resulted in a high rate of infections related to numerous banks on different points of the globe.

What About The Future of GM Bot

Researchers feel convinced that this malware will keep generating revenue and it is completely up to Ganjaman, it’s developer to take the risk of developing a 3rd version, which may be spread even more massively if the right distribution strategies are used by crooks.


Ventsislav Krastev

Ventsislav has been covering the latest malware, software and newest tech developments at SensorsTechForum for 3 years now. He started out as a network administrator. Having graduated Marketing as well, Ventsislav also has passion for discovery of new shifts and innovations in cybersecurity that become game changers. After studying Value Chain Management and then Network Administration, he found his passion within cybersecrurity and is a strong believer in basic education of every user towards online safety.

More Posts - Website

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Share on Twitter Tweet
Share on Google Plus Share
Share on Linkedin Share
Share on Digg Share
Share on Reddit Share
Share on Stumbleupon Share