PULSE NAME
On-Device Fraud on the rise: exposing a recent fraud campaign
WHITE Copybara AlienVault 2024-03-06 Modified: 2024-04-05
10 IOCs
LOW VOLUME
A recent investigation uncovered an ongoing fraud campaign abusing the Copybara Android banking trojan to perform unauthorized bank transfers via instant payments. Threat actors exploited social engineering and remote access capabilities to infect devices and orchestrate on-device fraud undetected.
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Copybara
Indicators of Compromise (10)