Post

RedWing MaaS Packages Android Bank Fraud as a Telegram Rental Service

RedWing MaaS Packages Android Bank Fraud as a Telegram Rental Service

🚨 New Android Malware Alert: RedWing 🚨

A new Android malware operation called RedWing is being rented out on Telegram as a ready-made bank-fraud service. This malicious tool allows even low-skill criminals to take over a victim’s phone, steal their banking logins, and capture the one-time codes that protect their accounts.

Zimperium’s zLabs, which discovered this operation, indicates that it resembles a new variant of Oblivion, a $300-a-month rent-a-malware tool documented earlier this year.

Key Findings:

  • Zimperium identified 82 targeted institutions across various sectors, with a strong focus on Russian financial firms. However, this list can change at any time.
  • Evidence suggests a connection to the Russian market, as one sample utilized a fake page for Russia’s RuStore.
  • Experts believe the operation is linked to Russian threat actors, although this has not been definitively confirmed.

How It Works:

RedWing does not require any Android exploits. It operates only when a user installs the app from outside an official store and approves the prompts. Therefore, the first line of defense is crucial during the installation process.

For more detailed information, you can read the full article here: Read full article

This post is licensed under CC BY 4.0 by the author.