Today > | 1 Medium vulnerabilities   -   You can now download lists of IOCs here!

European Banks Already Under Attack by New Malware Variant

Sept. 26, 2024, 1:39 p.m.

Description

A new version of the Octo malware, named Octo2, has emerged as a significant threat to European banks. This variant builds upon the capabilities of its predecessor, which was already a dominant force in mobile malware. Octo2 features improved remote access capabilities, sophisticated obfuscation techniques, and a Domain Generation Algorithm (DGA) for communication with command and control servers. Initial campaigns have been observed in Italy, Poland, Moldova, and Hungary, targeting banking applications. The malware's developers have focused on enhancing stability for Device Takeover attacks and implementing advanced anti-detection measures. With the original Octo source code leaked, Octo2 represents an escalation in the mobile threat landscape, posing increased risks to mobile banking security worldwide.

Date

Published: Sept. 25, 2024, 12:54 p.m.

Created: Sept. 25, 2024, 12:54 p.m.

Modified: Sept. 26, 2024, 1:39 p.m.

Attack Patterns

Octo2

Architect

T1552

Additional Informations

Finance