A newly identified Android banking malware known as Mirax Bot is being promoted in underground cybercrime forums as a malware-as-a-service platform designed to facilitate financial fraud. The malware supports hundreds of banking and payment application “injects,” enabling attackers to display convincing fake overlays and capture credentials and one-time passcodes. It also uses hidden virtual network computing (HVNC) to remotely control infected devices without the user noticing, allowing attackers to open banking apps and authorize transactions silently. Infected devices can also be turned into residential proxies for additional malicious activity.
Read the full report here.
