Alien Android Banking Botnet 2024
Alien Android Banking Botnet 2024

 

Alien Android Banking Botnet 2024

 

Overlaying: Dynamic (Local injects obtained from C2)

Keylogging

Remote access

SMS harvesting: SMS listing

SMS harvesting: SMS forwarding

Device info collection

Contact list collection

Application listing

Location collection

Overlaying: Targets list update

SMS: Sending

Calls: USSD request making

Calls: Call forwarding

Remote actions: App installing

Remote actions: App starting

Remote actions: App removal

Remote actions: Showing arbitrary web pages

Remote actions: Screen-locking

Notifications: Push notifications

C2 Resilience: Auxiliary C2 list

Self-protection: Hiding the App icon

Self-protection: Preventing removal

Self-protection: Emulation-detection

Architecture: Modular