October 23, 2019

October 23, 2019

Subscribe to Latest Legal News and Analysis

October 22, 2019

Subscribe to Latest Legal News and Analysis

October 21, 2019

Subscribe to Latest Legal News and Analysis

New Malware Targets Big Banks and Cryptocurrency Apps

New malicious malware dubbed “Gustuff” targets big banks, fintech companies and cryptocurrency apps, according to the security firm Group IB.

According to Group IB, which discovered Gustuff on hacker forums, the new malware is affecting Android devices and is “a mobile Android Trojan, which includes potential targets of customers in leading international banks, users of cryptocurrency services, popular ecommerce websites and marketplaces.”

The malware is reported to have completely-automated features that can steal files and cryptocurrency from user accounts “en masse.” Incredibly evil, it uses the Accessibility Service, which is intended to assist people with disabilities.

According to Group IB, the malware is targeting more than 100 banking apps, including 27 in the United States. “Gustuff infests Android smartphones through SMS with links to malicious Android Package (APK) files…at the server’s command Trojans spread further through the infected device’s contact list or the server database….It is able to autofill fields in legitimate mobile banking apps, cryptocurrency wallets and other apps.”

If you have an Android smartphone, consider reading more about Gustuff here: https://www.group-ib.com/media/gustuff/

Copyright © 2019 Robinson & Cole LLP. All rights reserved.


About this Author

Linn F. Freedman, Robinson Cole Law Firm, Cybersecurity and Litigation Law Attorney, Providence

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She provides guidance on data privacy and cybersecurity compliance to a full range of public and private clients across all industries, such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine, and charitable organizations. Linn is a member of the firm's Business Litigation Group and chairs its Data Privacy + Cybersecurity Team. She is also a member of the Financial Services Cyber-Compliance Team (CyFi ...