Hackers nabbed stealing bank info with new Android malware trick

February 20, 2024


TLDR:

  • An individual in Vinnytsia, Ukraine was arrested for stealing banking credentials of Android users in the US and Canada.
  • The hacker created websites offering free software downloads that contained malware to gain access to user devices.

A 31-year-old resident of Vinnytsia has been arrested for allegedly stealing confidential data from Android users and exploiting Google accounts belonging to citizens of the United States and Canada. The perpetrator made more than UAH 3.5 million from the scheme.

A hacker in Vinnytsia, Ukraine, developed multiple websites offering free software downloads. Such downloads are often pirated and may contain malware or viruses that compromise the security of the user's device. The individual ran an extensive online advertising campaign to promote the websites and enhance their credibility, using various technical strategies to make the sites appear more trustworthy. Users who downloaded and installed the free software unknowingly installed malware concealed within the programs. The malware could infiltrate devices without the user's knowledge, giving the hacker unrestricted access to the system.

The perpetrator monetized the unauthorized access by selling the exfiltrated data to other malicious actors online. According to the report, the proceeds of the sale were used to purchase a Mercedes-Benz GLE car.

Assisted by the KORD special force, law enforcement located and apprehended the perpetrator. Authorities conducted three searches and confiscated a vehicle worth approximately 2.5 million hryvnias. Other crucial pieces of evidence were also obtained during the operation. The accused faces a maximum prison term of 8 years and seizure of assets on charges of money laundering, hacking, and developing and circulating malicious software. The investigation is ongoing to identify any possible accomplices in the case.

