A new form of the Marcher Android malware has been discovered in the wild, delivering a hat-trick of malicious actions: phishing, credit card data theft and, to top it off, a banking trojan.
First spotted Friday by researchers at Proofpoint Inc., the new “multistep” version involves the original version of the Marcher Android banking trojan first discovered in 2013. But it also includes credential phishing and credit card data theft for good measure, a combination described as “sophisticated” given that malware usually involves just one form of attack.
The new version of Marcher is spread through a targeted phishing attack, with victims presented with a link in an email, often in the form of a bit.ly shortened link. The link leads to a phishing page that asks for banking login credentials or an account number and PIN.
All the observed cases were targeted specifically at people in Austria, though the researchers noted that these types of threats are likely to expand. “As our computing increasingly crosses multiple screens, we should expect to see threats extending across mobile and desktop environments,” they noted. “Moreover, as we use mobile devices to access the web and phishing templates extend to mobile environments, we should expect to see a greater variety of integrated threats like the scheme we detail here.”
Commenting on the uniqueness of this attack, Manoj Asnani, vice president of product and design at Balbix Inc., told SiliconANGLE that the new form of Marcher should be considered a wake-up call. “High-prized hacking targets in possession of critical data need robust security systems that don’t rely solely on human expertise and legacy security tools to prevent these types of multivector attacks,” he said.
Asnani added that AI-based autonomous systems that employ statistical techniques can easily distinguish fake sites from real ones and warn users of phishing threats. They also can flag malicious apps from nonrecognized sites before they’re downloaded. “This type of multivector attack would be very difficult to execute if an organization had a smart breach prediction system that warned users at every single potential step towards a data breach,” he said.