A significant cybersecurity threat capable of pilfering funds from multiple banking apps has emerged in the Android ecosystem. Researchers at cybersecurity firm Group-IB uncovered this new threat, dubbed “GoldDigger,” during a campaign observed in June this year.
Unmasking the Threat: In this campaign, unidentified threat actors employed a two-pronged approach to distribute the GoldDigger malware. They utilized two deceptive apps—one posing as a Vietnamese government portal and the other masquerading as an energy company.
The Evasive Attack Vector: The exact delivery method remains unknown, but researchers speculate that the attackers likely reached potential victims through social media, email, and other common channels. From there, victims were directed to fraudulent Google Play websites, where they were encouraged to download the deceptive apps.