Android trojan linked to Cambodia following anomalous DNS spike
Briefly

"'These aren't random one-off scams. They're factory lines. For years we knew these scam compounds existed, and suspected malware distribution at the sites, but this is a firm confirmation,' says Dr. Renée Burton, VP of Infoblox Threat Intel."
"The platform registers approximately 35 new domains each month that impersonate banks, social security agencies, tax authorities, utility companies, and police departments in at least 21 countries."
"Once victims install the fake app, operators gain full control over the device. The trojan captures facial recognition data during fake Know Your Customer checks, intercepts SMS one-time access codes, and silently logs into mobile banking apps to funnel money across borders."
Security researchers identified an Android banking Trojan linked to the K99 Triumph City compound in Cambodia. This malware-as-a-service platform registers around 35 new domains each month, impersonating various legitimate entities. It is active in at least 21 countries, with significant activity in Indonesia, Thailand, Spain, and Turkey. The Trojan captures sensitive data, including facial recognition and SMS codes, allowing operators to take control of victims' devices and facilitate account takeover fraud.
Read at Techzine Global