BingoMod: The new android RAT that steals money and wipes data

Tags

External References

• https://www.cleafy.com/
• https://otx.alienvault.com/

Description

In late May 2024, a new Android Remote Access Trojan (RAT) named BingoMod emerged, aiming to initiate fraudulent money transfers from compromised devices using a technique called On-Device Fraud (ODF). After installation, BingoMod steals sensitive information, conducts overlay attacks, and provides remote control capabilities to threat actors. Once a successful fraud is completed, the infected device is typically wiped clean to hinder forensic investigations. BingoMod targets English, Romanian, and Italian users and employs obfuscation techniques to evade detection. While still in development, it exhibits capabilities similar to other banking trojans like Medusa and Copybara.

Date