UPDATED 22:34 EST / NOVEMBER 06 2017


New form of Marcher Android malware delivers a hat-trick of malicious actions

A new form of the Marcher Android malware has been discovered in the wild, delivering a hat-trick of malicious actions: phishing, credit card data theft and, to top it off, a banking trojan.

First spotted Friday by researchers at Proofpoint Inc., the new “multistep” version includes the original Marcher Android banking trojan, first discovered in 2013, and adds credential phishing and credit card data theft for good measure. The combination was described as “sophisticated,” given that malware usually involves just one form of attack.

The new version of Marcher is spread through a targeted phishing attack, with victims presented with a link in an email, often in the form of a bit.ly shortened link. The link leads to a phishing page that asks for banking login credentials or an account number and PIN.

All the observed cases were targeted specifically at people in Austria, though the researchers noted that these types of threats are likely to expand. “As our computing increasingly crosses multiple screens, we should expect to see threats extending across mobile and desktop environments,” they noted. “Moreover, as we use mobile devices to access the web and phishing templates extend to mobile environments, we should expect to see a greater variety of integrated threats like the scheme we detail here.”

Commenting on the uniqueness of this attack, Manoj Asnani, vice president of product and design at Balbix Inc., told SiliconANGLE that the new form of Marcher should be considered a wake-up call. “High-prized hacking targets in possession of critical data need robust security systems that don’t rely solely on human expertise and legacy security tools to prevent these types of multivector attacks,” he said.

Asnani added that AI-based autonomous systems that employ statistical techniques can easily distinguish fake sites from real ones and warn users of phishing threats. They also can flag malicious apps from nonrecognized sites before they’re downloaded. “This type of multivector attack would be very difficult to execute if an organization had a smart breach prediction system that warned users at every single potential step towards a data breach,” he said.

