USA
India
APAC
Middle East
Rest of the Countries
Facebook
Linkedin 
Twitter
Youtube
Weekly Threat Watch
Ghimob malware can spy on 153 Android mobile applications
They are warning about a new Android trojan “Ghimob” that can siphon off data from 153 mobile applications. The risk isn’t limited to data breach threats – the attackers can even bypass banking institutions’ security measures to make fraudulent transactions on Android users’ smartphones.
With a link in an email that takes the users to an authentic-looking app, mostly provided by a fraudulent potential creditor, the Ghimob trojan installs and sends a message back to the command-and-control (C2) server containing the victims’ phone data, including the model and the screen lock details. With a very strong persistence, this is how a Ghimob trojan steals sensitive information from 153 android applications.
This advisory by SISA answers a few critical questions:
- How does a Ghimob trojan work?
- How advanced is a Ghimob attack as compared to any other mobile banking trojan?
- What are the indicators of a Ghimob attack?
- What are some effective mitigation steps?
The editorial team at SISA Information Security hopes that by leveraging this advisory, organizations will be armed with the necessary awareness and knowledge to protect their environments from trojans like Ghimob.
Get your copy now!
SISA is a forensics-driven cybersecurity company that helps secure businesses with robust preventive, detective and corrective security services and solutions. SISA offers products and services for risk assessment, security compliance and validation, monitoring and threat hunting, as well as training for various payment security certifications.
Industry recognition by CREST, CERT-In and SWIFT serves as a testament to our skill, knowledge, and competence.
With 2,000+ clients spread across 40+ countries, we leverage our learnings to provide true security, fanatic support and real business value to our customers.
