Zerosecurity
  • Home
  • Security
    • Exploits
    • Mobile Security
  • Malware
  • Data Breaches
  • Crypto
  • Privacy
  • Downloads
    • Malwarebytes
    • Exploits
    • Paper Downloads
    • Software & Service Reviews
No Result
View All Result
SUBSCRIBE
Zerosecurity
  • Home
  • Security
    • Exploits
    • Mobile Security
  • Malware
  • Data Breaches
  • Crypto
  • Privacy
  • Downloads
    • Malwarebytes
    • Exploits
    • Paper Downloads
    • Software & Service Reviews
No Result
View All Result
Zerosecurity
No Result
View All Result
Home Public

Marcher Banking Trojan Overhauled & Targeting UK Banks

Kyle by Kyle
June 3, 2016 - Updated on May 17, 2022
in Public, Malware, Mobile Security, Security
0
74
SHARES
1.2k
VIEWS
Share on FacebookShare on Twitter

The Marcher Banking Trojan, which is sold on underground Russian forums for around $5,000, is an Android banking Trojan that’s been available since late 2013. The malware was first made to display phishing webpages on top of Google Play to fool users into passing over their bank card information.

You might also like

Downthem DDoS service owner gets a 2-year prison sentence

Cloudflare Stops Record-Breaking DDoS

Syslogk Linux Rootkit triggers with magic packets

Although, in March 2014, a new variation of the malware had been identified targeting banks in Germany. The list of targeted nations was eventually broadened to incorporate France, Poland, Turkey, the United States, Australia, Spain, Austria, and many others.

IBM Security experts happen to be tracking the mobile banking Trojan and found that, in late May, its writers included nine leading banks in the U.K. to the roster of targets.

Aggregating Marcher configurations permits us to see its top desired geographies.

Marcher targeting countries listed below:

Marcher targeted countries

The Trojan has been overlaying screens to acquire details from victims. Many times, the overlay screens are personalized for the targeted bank and are hardcoded or fetched from a server by the malware.

Even though the Trojan has mainly targeted mobile banking apps, it also has the ability to steal info from payment, airline, e-commerce, and direct marketing apps.

Current list of applications the Trojan is targeting:

marcher targeted apps

As opposed to other Android banking malware, Marcher doesn’t only focus on apps. The phishing screens are visible both on top of financial apps and the bank’s website when individuals access it in an internet browser. Analysts found overlay displays being shown over Austrian and Australian financial websites.

Marcher also has the ability to intercept SMS messages and phone calls, which can be ideal for a few things. First, it permits attackers to forward messages and phone calls that contain info sent to the user by the bank’s two-factor verification system. Additionally, by getting control of SMS and mobile call applications, criminals could make calls and send messages to premium-rate numbers to create an extra money source.

To stop yourself from being a victim, you can install any popular Android antivirus app.

Tags: androidbankingmalware
Share30Tweet19
Kyle

Kyle

Co-owner, writer, and editor at ZeroSecurity. Security, Blockchain, and SEO enthusiast. "Formal education will make you a living; self-education will make you a fortune."

Recommended For You

Downthem DDoS service owner gets a 2-year prison sentence

by Christi Rogalski
June 30, 2022
0
Downthem DDoS Service owner sentenced

Matthew Gatrel, a resident of St. Charles, Illinois, has been sentenced to two years in prison for violating the Computer Fraud and Abuse Act (CFAA). The 33-year-old was...

Read more

Cloudflare Stops Record-Breaking DDoS

by Christi Rogalski
June 29, 2022
0
Cloudflare record breaking DDoS

Cloudflare has reported that it successfully neutralized the largest recorded DDoS attack in history. The attack, a 26 million request per second onslaught, targeted a customer on the...

Read more

Syslogk Linux Rootkit triggers with magic packets

by Christi Rogalski
June 19, 2022 - Updated on June 20, 2022
0
Syslogk Linux Rootkit triggers with magic packets

Avast researchers have spotted a Linux rootkit that has the ability to hide malicious processes. The new Linux rootkit, called Syslogk, works by using magic packets to activate...

Read more

Chrome Browser Extension Vytal Prevents Privacy Leaks

by Christi Rogalski
June 19, 2022 - Updated on June 20, 2022
0
Vytal Chrome Extension spoofs location data

Released in 2008, Google Chrome is a cross-platform web browser. With over 3.2 billion internet users worldwide, there's no denying that Chrome is the most popular browser today....

Read more

Are Bluetooth signals being used to track smartphones?

by Christi Rogalski
June 17, 2022
0
Bluetooth research leads to tracking

Can Bluetooth signals be used to track smartphones? Many people would say "No" to this question. However, a team of engineers at the University of California San Diego...

Read more
Next Post
Anonymous spain police server leak

Anonymous leaks data of Spanish Police Servers

Related News

Google Chrome Extension fingerprinting source

Google Chrome exposes user extensions to fingerprinting

July 1, 2022
Downthem DDoS Service owner sentenced

Downthem DDoS service owner gets a 2-year prison sentence

June 30, 2022
Cloudflare record breaking DDoS

Cloudflare Stops Record-Breaking DDoS

June 29, 2022
Zerosecurity

We cover the latest in Information Security & Blockchain news, as well as threat trends targeting both sectors.

Categories

  • Crypto
  • Data Breaches
  • DotNet Framework
  • Downloads
  • Exploits
  • Exploits
  • Information
  • Legal
  • Malware
  • Malware Analysis
  • Mobile Security
  • Paper Downloads
  • Piracy
  • Privacy
  • Programming
  • Public
  • Security
  • Security
  • Software & Service Reviews
  • Technology News
  • Tools
  • Tutorials
  • Video Tutorials
  • Whitepapers
  • Zero Security
  • Contact Us
  • List of our Writers

© 2022 ZeroSecurity, All Rights Reserved.

No Result
View All Result
  • Home
  • Security
    • Tools
  • Data Breaches
  • Malware
  • Privacy
  • Contact Us

© 2022 ZeroSecurity, All Rights Reserved.