Kaspersky, the computer security company, has issued an alert about the growing risk of trojan remote access technology (RAT) known as Zanubis, which is linked to the increase in banking fraud in Peru. Experts have observed how cybercriminals use the “ghost hand” technique to bypass mobile banking defenses, taking advantage of the devices of affected people.
Which makes that Zanubis Of particular concern is its complexity and strategic focus. Unlike previous threats, this malware specifically targets banking applications and local financial institutions, stealing login credentials and hijacking SMS messages sent by these institutions to victims.
The infection of Zanubis It occurs when users download malicious applications outside of official stores. He malware disguised as legitimate applications of the National Superintendency of Customs and Tax Administration (SUNAT) to deceive victims. Once installed, the Trojan can manipulate applications on the infected device using remote commands, especially focusing on intercepting SMS messages and stealing activation or verification codes sent by financial institutions.
Zanubis also blocks the use of the phone through fake updates Android, forcing victims to use biometric unlocking. The threat is particularly clever, as it displays a legitimate SUNAT web page to prevent victims from suspecting that they have been attacked.
Kaspersky analysis reveals that Zanubis He communicates in Spanish and displays a deep knowledge of the language’s slang and common phrases. Furthermore, he has an extreme affinity for Peruvian financial institutions, and so far, has shown interest only in these applications.
How to avoid Zanubis infection
- Only install apps from trusted sources, ideally from official app stores;
- Check the permissions requested by the application: if they do not correspond to the application’s task (for example, a reader requests access to the user’s messages and calls), this may be a sign that it is an untrustworthy application;
- Use a robust security solution that protects you against malicious software and its actions.
- Do not click on links included in unwanted emails, social networks or SMS messages;
- Do not perform the device rooting procedure which will provide cybercriminals with unlimited possibilities.
It may interest you
- Roblox will come to PlayStation 4 and PlayStation 5 consoles [VIDEO]
- Jean-Claude Van Damme makes his gala entrance in Mortal Kombat 1 [VIDEO]