Leaked Malware code for Android

In has been reported that the source code for some Android malware that steals your online banking credentials and details from your handset, according to IBM. There is an assumption that it can only steal banking information if you use your handset for online banking and download third-apps (common theme with malware).

Last week we reported on the Mazar Bot, which is in the same family as GM Bot, Siempo, Bankosy and Acecard. The source code which has been leaked belongs to GM Bot, which usually sells for around $500 on the dark web. The code according to Limor Kessem from IBM, was leaked in December 2015 on an underground forum. The reason is unclear as it now allows other cyber criminals to use the Trojan’s code and recompile it into something else as it even comes with a tutorial and server-side installation instructions to help you along! The malware is very similar to everyday computer malware like Zeus, SpyEye and Carberp.

“He indicated he would give the password to the archive only to active forum members who approached him,” Kessem wrote. “Those who received the password in turn passed it on to other, unintended users, so the actual distribution of the code went well beyond that discussion board’s member list.”

“While GM Bot may not be as prolific as the major banking Trojans mentioned here, it is definitely a game changer in the realm of mobile threats,” Kessem added.

Later on in the report it goes on to say that GM Bot also has the ability to obtain SMS details and any authentication codes with the messages.

Usual message from Coolsmartphone Towers – don’t download apps from third party app stores.

A tour around Hall 7, and I have to apologise
MWC - Acer Jade Primo hands on