Security researchers with Cleafy on Monday disclosed a new Android trojan that hijacks users’ credentials and SMS messages to facilitate fraudulent activities against banks in Spain, Germany, Italy, Belgium, and the Netherlands. TeaBot, once successfully installed in the victim’s device, can obtain live streaming of the device screen and also interact with it via Accessibility Services. An expert with Blue Hexagon offers perspective.
One Response
<p>Teabot and Flubot both represent the shift in mobile malware from just being a sideline issue to being a mainstream problem just as malware on traditional endpoints. Threat actors realize the true potential of mobile devices and the threat they can pose to the end-user. It is important to remember that even though the apps are not on Google Play, the phishing/social engineering tactics used by the actors behind Teabot/Flubot are as good as any threat family on the PC side; that within a short time frame, they can manage to get a huge infection base. These threats should not be underestimated.</p>