A new type of malware has begun to influence Android phones. This new trojan is aimed at users of both cryptocurrency applications and the most popular applications for fiat-banking, – as reported by TNW News.
Malicious software called "Gustuff" was first discovered by Group-IB, a well-known cybersecurity company.
Interesting in the section: Features of fiat money
Gustuff malware abilities
One of the main tricks it uses is "web fakes" that look identical to popular applications. In this case, there is a wide range of applications for both crypto and traditional finance, including Coinbase, BitPay, JP Morgan, Wells Fargo and many others.
Interesting in the section: BitPay Wallet for storing Bitcoin
Another trick is to automatically fill in data fields even in legitimate applications with malicious information. This means that the malicious system can change the destination address of sending currencies, which you indicated, to the address of the attackers, or transfer money to the attacker's account from the banking application. The system can also impersonate applications such as PayPal, Western Union, eBay, and WhatsApp.
Gustuff is distributed both through informal tradingTrading
– is an economic term that means the process of independent trade, independent analysis of the market and the conclusion of trade transactions.Details platforms and via SMS. Malicious programs often use the victim’s contact list to send malicious links.
The best way to stay safe is to download applications only from the official Google Play store and not to click on suspicious links in text messages.
"Gustuff" malicious software negatively affects Android applications of crypto and fiat. Users must be very careful, but, as is the case with most malware and fraudsters, slow work, attentiveness, linking to the main distribution channels is a good way to stay safe.
Editor: Pereyidenko Ihor