Techno Blender
Digitally Yours.

Mexican hacker targets banks with Android Malware Campaign



It’s no secret that over the past few years, hackers have ramped up their efforts to gain unauthorized access and scam individuals and businesses out of their hard-earned money. Now, in a recent development, security researcher Pol Thill has identified a Mexican hacker going by the name Neo_Net as the mastermind behind a widespread Android mobile malware campaign.

Operating from June 2021 to April 2023, this Mexican hacker primarily targeted prominent banks in Spain and Chile, including Santander, BBVA, and CaixaBank. And despite employing basic tricks, Neo_Net managed to steal over €350,000 ($382,153) from victims’ bank accounts and compromise the personal information of thousands of individuals.

“The success of their campaigns can be attributed to the highly targeted nature of their operations, often focusing on a single bank and copying their communications to impersonate bank agents,” reads a report by SentinelOne.

How did the hacking campaign work?

The hacking campaign combined SMS phishing with Android trojans. The hacker first sent deceptive SMS messages that closely resembled official bank messages, tricking unsuspecting victims into disclosing their sensitive credentials and providing access to their banking information.

Neo_Net also developed and distributed various Android trojans disguised as security applications. Once installed, these apps requested SMS permissions so they could capture the two-factor authentication (2FA) codes that banks send via SMS. This allowed the hacker to bypass the extra layer of security and gain unauthorized access to victims’ accounts.
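For defenders triaging a sideloaded "security" app, the SMS access described above is visible in the app's manifest. The following is an added example, not code from the article or the SentinelOne report: it assumes the APK's AndroidManifest.xml has already been decoded to text XML, and both sample manifests and their package names are constructed.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
SMS_READ_PERMS = {"android.permission.RECEIVE_SMS", "android.permission.READ_SMS"}
SMS_ACTION = "android.provider.Telephony.SMS_RECEIVED"

# Constructed sample: an app labelled as a security tool that listens for SMS.
SAMPLE_SUSPECT = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.securityapp">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <application android:label="Bank Security">
    <receiver android:name=".SmsListener" android:exported="true">
      <intent-filter android:priority="999">
        <action android:name="android.provider.Telephony.SMS_RECEIVED"/>
      </intent-filter>
    </receiver>
  </application>
</manifest>"""

# Constructed sample: an app with network access only.
SAMPLE_BENIGN = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.notes">
  <uses-permission android:name="android.permission.INTERNET"/>
  <application android:label="Notes"/>
</manifest>"""

def sms_interception_findings(manifest_xml):
    """List the ways a decoded manifest lets the app read incoming SMS."""
    root = ET.fromstring(manifest_xml)
    requested = {el.get(ANDROID_NS + "name") for el in root.iter("uses-permission")}
    findings = ["requests " + p for p in sorted(requested & SMS_READ_PERMS)]
    for receiver in root.iter("receiver"):
        for flt in receiver.iter("intent-filter"):
            actions = {a.get(ANDROID_NS + "name") for a in flt.iter("action")}
            if SMS_ACTION in actions:
                name = receiver.get(ANDROID_NS + "name", "?")
                prio = flt.get(ANDROID_NS + "priority", "0")
                findings.append(f"receiver {name} handles SMS_RECEIVED (priority {prio})")
    return findings

def needs_review(manifest_xml):
    """True when the app holds an SMS-read permission AND registers an SMS
    receiver, i.e. it can see one-time codes as they arrive."""
    f = sms_interception_findings(manifest_xml)
    return any(x.startswith("requests") for x in f) and any(x.startswith("receiver") for x in f)
```

A hit is a reason to review the app, not proof of malice: legitimate messaging apps declare the same permission and receiver.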

However, what sets this campaign apart is the use of a Smishing-as-a-Service platform called Ankarex, which allowed the hacker to essentially rent out his infrastructure to multiple affiliates, significantly expanding the reach and number of successful attacks in various countries.

These discoveries, once again, emphasize the growing importance of implementing robust security measures. This includes carefully checking any emails or SMS messages that prompt you to take action, avoiding downloading apps from untrusted sources, and enabling 2FA.

