Report an incident
Read in Polish Read in polish
  • About us
  • News
  • FAQ
  • Analyses
  • Publications
  • Contact
Tag #android
  • 16 January 2018 Agnieszka Bielec #analysis #android #botnet #malware #trojan

    Analysis of a Polish BankBot

    Article thumbnail

    Analysis of a Polish BankBot Recently we have observed campaigns of a banking malware for Android system, which targets Polish users. The malware is a variant of the popular BankBot family, but differs from the main BankBot samples. Its victims were infected by installing a malicious application from Google Play …

    Read more
  • 16 May 2016 Malgorzata Debska #android #e-banking #malware

    GMBot: new ways of phishing data from mobile web browsers

    Article thumbnail

    GMBot (also known as slempo) was described on our blog on October 2015. This malicious application for phishing login and password associated with a specific user of electronic banking uses known and common techniques of application overlay. It is nothing else but a normal phishing attack, very similar to the …

    Read more
  • 16 March 2016 Malgorzata Debska #android #e-banking #malware

    Malicious iBanking application with new uninstall countermeasures

    Article thumbnail

    Our CERT laboratory recently received a sample of iBanking malware (along with a malicious JavaScript code snippet associated with it), posing as the mobile Trusteer Rapport antimalware solution. The attack scenario isn’t new, it has been used many times in the past, but recently we see an increase in …

    Read more
  • 14 October 2015 Łukasz Siewierski #actors #android #e-banking #malware #postal group #ransomware #trojan

    The Postal Group

    Article thumbnail

    During SECURE conference we have presented our findings about criminal group, which we called “Postal Group” (“Grupa pocztowa”) based on theris modus operandi. Detailed research regarding the group have been gathered in the form of report available under the link below.   PDF   During the SECURE conference, we presented a talk …

    Read more
  • 02 October 2015 Łukasz Siewierski #analysis #android #app overlay #e-banking #GMBot #trojan

    GMBot: Android poor man’s “webinjects”

    Article thumbnail

    Recently, we obtained a sample of a new Android banking trojan, named GMBot, which tries to be self-contained (i.e. does not need Windows counterpart) and uses application overlay as a poor man’s webinjects substitute. This malware uses known and common techniques, but implements them in a way similar …

    Read more
  • 16 January 2015 CERT Polska #analysis #android #e-banking #malware

    iBanking is back in Poland

    Article thumbnail

    iBanking malware was already described on our blog in connection with the attacks targeting Polish e-banking users at the end of 2013. This malware posed as a mobile antivirus application, while in reality it was use to steal one time passwords that were sent via text message. The attack scenario …

    Read more
  • 11 August 2014 CERT Polska #android #malware

    Android RAT malware spreading via torrents

    Article thumbnail

    In the last few days we observed a number of new attacks targeting the Polish Android users. Many Polish and foreign blogs reported the phishing e-mails using Kaspersky brand to convience user to install an apk file. Below some details of this attack, including the malware analysis, are provided. Thanks …

    Read more
  • 17 December 2013 CERT Polska #android #e-banking #malware

    OTP stealer Android app masquerading as mobile antivirus targets Polish users

    Article thumbnail

    The E-Security mobile malware appeared at the beginning of this year. This malware was targeting Polish online banking users, with the goal of stealing One Time Passwords (OTPs) used to confirm banking transactions. The attack was part of a bigger scheme. When the user computer was infected, it displayed an …

    Read more
  • 08 November 2013 Łukasz Siewierski #android #malware

    What’s new, security-wise, in Android KitKat?

    Article thumbnail

    On the 31st of October Google released a new version of the Android Operating System – 4.4 called KitKat. This version introduces a number of new features, including a handful of security improvements. It also introduces a new approach to SMS and MMS handling, which breaks the compatibility of some …

    Read more
  • 12 June 2013 CERT Polska #android #botnet #e-banking #malware #trojan

    Evolution of an Android malware: the story of a friend of ZitMo

    Article thumbnail

    Recently we blogged about a new threat to Polish e-banking users called “E-Security”. When a user, whose machine was infected, tried to access her internet banking site she was greeted with a message that instructed her to install “E-Security Certificate” application on her Android phone. This “certificate” was nothing more …

    Read more
1 2 »

The CERT Polska team operates within the structures of NASK (Research and Academic Computer Network) — a research institute which conducts scientific studies, operates the national .pl domain registry and provides advanced IT services.

Social media

Facebook Twitter GitHub

Contact

ul. Kolska 12, PL-01-045 Warsaw, Poland
tel.: +48 22 380 82 74
fax: +48 22 380 83 99
ePUAP: /NASK-Instytut/SkrytkaESP

E-mail: [email protected]
Incidents: [email protected]

Co-financed by the Connecting Europe Facility of The European Union
  • © 2023 NASK
  • Privacy policy
  • CSIRT GOV
  • CSIRT MON