Warning Ghimob new banking malware, mobile users cannot remove
Users need to be very wary of a new type of banking malware called Ghimob that is attacking mobile users globally.
Kaspersky security has issued a warning about a new type of banking malware - called Ghimob - that is attacking mobile users around the globe.
According to Kaspersky, Guildma is a security threat and is also part of the infamous Tétrade line of malware, known for its destructive activities that have the potential to expand in both Latin America and many countries around the world. They have been very active in the application of new techniques, and developing malware to target new victims.
As a new malware, Trojan Ghimob attacked the banking industry and tricked its victims into installing malicious files through an email message saying that the recipient was in debt.
The email also contains a link to trick the victim into clicking into for more information. Once installed, the malware sends a successful infection message to the server.
"Messages include phone number, screen security lock info and a list of installed apps that may be hacked. Overall, Ghimob can spy on 153 mobile apps, mostly are mobile applications from banks, cryptocurrencies and the stock market "- Kaspersky information security expert.
Functionally, Ghimob acts as a spy in the pocket of the victim. Hackers who develop malicious code can easily access infected devices. They commit fraud using the victim's smartphone to avoid device identification and security measures that financial institutions have in place and evade all systems. behavior-based fraud prevention.
Even when the user uses a lock screen, Ghimob can still record and playback to unlock the device. When the hackers develop malicious code ready to commit a fraudulent transaction, they can insert a black screen or open several websites in full screen mode. Then, when the user locks in the screen, the hackers develop malicious code that conduct fraudulent transactions in the background, through financial applications running on the device.
Kaspersky's statistics show that, in addition to Brazil, Ghimob's attack targets are in Paraguay, Peru, Portugal, Germany, Angola and Mozambique and are expanding globally.
Fabio Assolini, Kaspersky's security expert said: 'Ghimob is Brazil's first mobile banking Trojan ready to expand internationally. We think this new campaign may involve Guildma hacker group, responsible for Brazil's famous Trojan malware, especially because they share the same infrastructure.
Kaspersky's security expert recommends that financial institutions closely monitor these security threats, while improving authentication processes, enhancing anti-fraud technology, and data and information. about the security threat and learn about and minimize all the risks posed by this malicious code.
You should read it
- Stolen bank account with Trojan Banking
- New banking malware discovered that can remotely control Android devices
- Detected 4 banking trojans in 11 apps on Google Play Store
- Destroy ZeuS, the 'lord' of banking trojans
- Microsoft warned the Emotet trojan back on a large scale, stealing the victim's banking information
- Use SEO to bring Google search results to bank trojans
- How to check if your PC is infected with Emotet malware
- New bank trojan detection on Android Red Alert
- Risks from malware and how to prevent it
- Sophisticated spam Trojan unmatched
- 5 mobile security risks you need to avoid
- What is Safe Malware? Why is it so dangerous?
Maybe you are interested
iPhone security tips you're missing out on
This list of common passwords shows how little we understand about online security
Download free Windows Server 2025 security guide
5 Misconceptions About Password Security
Should I buy a USB, Bluetooth or NFC security key?
4 Security Steps to Follow When Using Remote Access Applications