Malicious Apps Masquerade as Government Agencies to Distribute Gigabud RAT
23-Jan-23
Threat actors are disseminating Gigabud, a new Android virus that pretends to be government entities, financial institutions, and other businesses from Thailand, Peru, and the Philippines. Attackers lure consumers into downloading dangerous applications by imitating official, retail, and banking loan apps. According to Cyble researchers, when a user downloads a malicious software, it presents a legitimate-looking login page asking for the user’s password and cell number. The cellphone number submitted during registration is validated by Gigabud via a server-side verification method. The virus sends the user a bogus loan contract from the login screen and asks them to verify the information.
