Banking Trojan Coupled With Ransomware
Posted by: Timothy Weaver on 12/19/2016 12:57 PM
[
Comments
]
Banking trojans are now being coupled with ransomware.
Kaspersky Lab's malware analyst Roman Unuchek found that the new Faketoken (Trojan-Banker.AndroidOS.Faketoken) trojan has now added ransomware features that support encrypting user files. The main purpose of the added ransomware is to try to get money from the victim if the banking trojan is unable to capture banking logins.
The main purpose of the trojan is focusing on its phishing capabilities, which currently target more than 2,000 financial apps and users in 27 countries.
The Faketoken encryption is using the AES algorithm to lock files. It can target 89 different file types.
The mobile targets are not as lucrative as desktop or laptop targets. "We would like to note that file encryption is not that popular with the developers of mobile ransomware (at least currently)," says Unchuk, "which may be because most files stored on a mobile device are copied to the cloud. In other words, demanding a ransom in return for decrypting them is pointless."
Source: Bleeping Computer
Kaspersky Lab's malware analyst Roman Unuchek found that the new Faketoken (Trojan-Banker.AndroidOS.Faketoken) trojan has now added ransomware features that support encrypting user files. The main purpose of the added ransomware is to try to get money from the victim if the banking trojan is unable to capture banking logins. The main purpose of the trojan is focusing on its phishing capabilities, which currently target more than 2,000 financial apps and users in 27 countries.
The Faketoken encryption is using the AES algorithm to lock files. It can target 89 different file types.
The mobile targets are not as lucrative as desktop or laptop targets. "We would like to note that file encryption is not that popular with the developers of mobile ransomware (at least currently)," says Unchuk, "which may be because most files stored on a mobile device are copied to the cloud. In other words, demanding a ransom in return for decrypting them is pointless."
Source: Bleeping Computer
Comments
