The Android malware GM Bot has been in the news lately after it was revealed that its source code was leaked online in December, increasing the likelihood that cyberattackers will hit Android users with a new wave of dangerous banking malware. The source code is available for free on the dark web, and the leak also includes server-side instructions and tutorials that allow the malware to infect vulnerable devices.
GM Bot is a Russian-based Trojan that places fraudulent windows on top of banking applications in order to capture online banking credentials. The spyware can remotely control infected devices, intercept and read SMS messages sent to the infected mobile device and pull data from them. The attack depends on the user filling in the information requested in the fraudulent window, but once this is done, the malware saves the data and sends it back to the hackers, who can then use the account details given to take money from the account.
GM Bot is also packaged as MazarBot and has been sold for as much as $500 on underground forums. GM Bot 2.0 is also now in development, again being peddled online by cybercriminals.
- Don’t fill in any forms in windows that open and are not part of your online banking app. If in doubt, close the app down and call your bank directly to ask for further information.
- Use an anti-virus program at all times on your device that will detect attempts to infiltrate it. There are a number available, including Avast, Norton and Kaspersky, either free or with a paid upgrade.
- If you suspect you have been infected or fallen prey to the malware, call your bank and put a stop to all your cards. Report the potential fraud to the police and run an anti-virus program on your device to try and clear the threats out.