j"19HxigV4QyBv3tHpQVcUEQyq1pzZVdoAutMá
source: https://thebitcoinnews.com/android-trojan-gustuff-targets-32-crypto-apps/
![](https://thebitcoinnews.com/wp-content/uploads/2019/03/Gustuff-696x464.jpg)
A brand new generation of malware has been discovered specifically designed to steal Android users. Several crypto and bank apps are affected worldwide.
On March 28, The Next Web reported that cybersecurity company Group-IB discovered a previously unknown Trojan horse. The company described the malware, which is called âGustuffâ, as a âweapon of mass infectionâ.
The Trojan is distributed via SMS messages with built-in links that load malicious Android package files. Once an Android device is infected, the Trojan will be automatically redirected through the contact lists.
To accelerate and scale the theft, the malware uses so-called âautomatic transfer systemsâ. These automatically replace fields in reputable Android apps with malicious data to redirect payments to the hackers.
Gustuff mimics several apps
The newsletter also said that Gustuff should contain several âweb fakesâ. This means following these imitative apps to get the sensitive data from unsuspecting users. This affects a total of 32 different crypto apps, including Coinbase, Bitpay and Bitcoin Wallet.
In addition, Group IB identified a variety of web-fakes for leading banks such as J.P. Morgan, Wells Fargo and Bank of America. 27 fake crypto and banking applications were spotted in the United States, 16 in Poland, 10 in Australia, nine in Germany and eight in India.
The malware also âsupportsâ payment systems and messenger services such as PayPal, Revolut, Western Union, eBay, Walmart, Skype and WhatsApp.
Who is behind the Trojan?
The report states that Gustaff uses Andoirdâs accessible features designed for users with physical disabilities. Group describes this approach as relatively rare and effective:
âUse of the Accessibility Service mechanism means that the Trojan is able to bypass \[â¦.\] Changes to Googleâs security policy introduced in new versions of the Android operating system. In addition, Gustuff knows how to disable Google Protect; According to the Trojan developer, this feature works in 70 percent of the cases. â
Group IB noted that Gustuff is backed by a Russian-speaking cybercriminal named âBestofferâ who works exclusively on international markets.
Thatâs how you can protect yourself
To protect against Gustuff or other malware, Group IB recommends downloading applications exclusively from Google Play â never from third-party stores.
Furthermore, apps should always be up to date. It is also important to pay attention to the extensions of the downloaded files.
source: https://thebitcoinnews.com/android-trojan-gustuff-targets-32-crypto-apps/
text/markdownutf-8HTheBitcoinNews-com - Android Trojan âGustuffâ targets 32 crypto appsbitcoin
https://whatsonchain.com/tx/3d4834b87be4cd3c023cc44ffc7061aa9d84931af6132c5a9640df55f9c6af5c