Threat actor selling sophisticated Android malware
In the middle of May 23, a threat actor posted in a forum selling the source code of an Android bot. The malware, “Xmbot Maza,” enables the attacker to access the user’s credentials, encrypt files, geolocate the device, and log keystrokes. The attacker can use this malware to gain full access to any Android device and spread from there to other devices. Having said this, malware is merely a tool, and the attacker must be proficient in order to use it effectively.
On one purchase it cost 500$, which includes receiving source code for Admin panel and xmbot apk. In addition by purchasing this, the buyer can modify the code as their need.
Features includes,
- create fake notifications
- open a URL in a web browser
- keylogger functionality
- ransomware encryption/decryption capabilities
- bypass play protect.
- auto-allow permission function
- block anti-virus applications
- block anti-virus installation
- block reset phone
- get login credentials
What's Your Reaction?
