An Android malware campaign that targets Iranian banks has expanded its functionality and added new evasion techniques in order to stay under the radar.
According to a recent Zimperium report, the threat actor was also seen executing phishing attacks against the targeted financial institutions. The report also found over 200 malicious apps connected to the operation.
The campaign was initially made public in late July 2023 after Sophos published information about a collection of 40 apps that harvest credentials from users of Bank Mellat, Bank Saderat, Resalat Bank, and the Central Bank of Iran.
The main objective of the fraudulent applications is to deceive users into giving them excessive permissions.