A new Android banking trojan called BlankBot has been discovered. Discovered by Intel 471 researchers in July 2024, BlankBot primarily targets Turkish users through impersonated utility apps. With a range of malicious capabilities like customer injections, keylogging, screen recording, and remote control via WebSocket connection to a command server, BlankBot can steal sensitive data. Most samples remain undetected by antivirus software at the time of discovery. The malware appears to still be under development with code variants and logs present. Author: AlienVault
Related Tags:
keylogging
Banking
trojan
android
AlienVault OTX
AlienVault
Associated Indicators:
8D6CA64E4C3C19587405E19D53D0E2F4D52B77F927621D4178A3F7C2BF50C2EA
AD9044D9762453E2813BE8AB96B9011EFB2F42AB72A0CB26D7F98B9BD1D65965
FC5099E5BE818F8268327AAF190CD07B4B4EBB04E9D63EEFA5A04EA504F93D62
6681B0613FC6D5A3E1132F7499380EB9DB52B03AB429F0C2109A641C9A2EA4D3
BF93FB35BE6DC4C40D24C6C1B4C74007F2DD897B
D3052E1555E86E41E28DE93229B24D53821865C5
9F2EB0DDB098E74402E190F516EFEC7E1FD76D79
39BE1ACAAF19087F39E4C859DA5CF86E672C8090
3356574B7E4566602FD599A9BD70C96F13B8E2C2