Asacub Trojan Evolved From Spyware To Banking

Asacub Trojan Evolved From Spyware To Banking
Rate this post

There exists no doubt that malware evolves quickly and so do the goals of cyber crooks. One of the most crucial errand of the security researchers is to closely observe the pieces of malware. These days, one of the research team, Kaspersky Lab has been carefully studying the new malware dubbed as Asacub. The malware Asacub broke out just as a simple spyware and nowadays appears to be a fully equipped banking trojan. Security team is warning about the emerging mobile banking trojan that is found to use infrastructure elements which CoreBot Windows spyware trojan used to employ.

Evolution of Asacub

Asacub initially emerged in June 2015 and was acting as an information stealing trojan virus that snitch user’s contact lists and browser history. The early variant of Asacub was used to snitch incoming SMS messages from targeted phone then upload them to malicious server. But then, in July 2015, a completely new version of Asacub was registered where new commands were added. In the late 2015, it was evolved to become full-fledged mobile banking trojan with the ability to steal money from victims. This new feature enables the trojan to show phishing page for banking application. Asacub is a banking trojan, a kind of malware that gets installed in a mobile device and deploys some specific techniques to steal away user’s money from their credit cards.

In total, attempts to infect more than 16000 users have been made, according to a data sourced by Kaspersky Security Network. Getting onto user’s device really involves an effort to easily delude user into installing malevolent application somehow. Some researchers initially stated that the banking trojan was targeting Russia and Ukraine exclusively due to the resemblance of login screen with some Russian and Ukrainian banks. However, further investigation proved this concept wrong.


How Did Asacub Evolve To Banking Malware?

According to a research published revealed that Asacub once thought of as spyware have completed its transition into banking malware. When the malware was first surfaced in June 2015, it was assumed that it was spyware again since it more or less fits the part. Lately, Russian firm based researchers then acknowledged a newer and more souped-up version in September 2015 and observed that malware’s functionality has changed. It is by now appear as a full-fledged banking trojan. The virus did not stop there and new commands and functionalities were added to its code each month. This is when the trojan virus updated to display phishing screen for a number of banking applications.

Based on the researcher’s report, the most recent version of Asacub is more focused on stealing banking information. Earlier version of the malware used a bank logo as an icon as compared to later version which uses phishing screens with bank logos. Later on, it was crafted to pass on phone calls, make USSd requests and download and install various apps from internet. On December 2015, Asacub attacks became aggressive and wide spread. During the attack, new features were added to Asacub’s capabilities. PC users should know about Asacub’s communication with its command and control server that it receives commands to work with mobile banking service of major Russian bank.

Leave a Reply

Your email address will not be published. Required fields are marked *