Exobot Android Trojan Source Code Sold Online
The author of the Exobot Android trojan has ceased operations and sold the malware’s source code online to several buyers. This has led to new attacks using it and raises the possibility of new capabilities being added. The author decided to shut down the rental scheme and sell the source code to a small number of clients.
Exobot has been one of the most active Android mobile trojans in the past two years, together with BankBot, GM Bot, Mazar Bot, or Red Alert.
Exobot was first observed in 2016 operating as a malware-as-a-service scheme, with users renting the trojan from its creator. It is delivered disguised either as a legitimate application or as a download from a website.
Once installed on a device, Exobot attempts to steal financial credentials, such as banking logins, and will perform browser injection attacks on banking websites.
Affected Platforms
Google Android – All versions
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.