SoumniBot: Evading Detection and Exploiting Android Weaknesses

TL;DR Summary
A new Android banking malware called SoumniBot evades detection by exploiting weaknesses in the Android manifest extraction and parsing procedure, allowing it to steal information from infected devices. The malware uses three different methods to manipulate the manifest file's compression and size, tricking Android's parser and evading security checks. SoumniBot targets Korean users, hides its icon after installation, and remains active in the background, uploading data from the victim's device. Kaspersky has informed Google about the evasion methods and provides indicators of compromise for the malware.
- SoumniBot malware exploits Android bugs to evade detection (BleepingComputer)
- New Android Trojan 'SoumniBot' Evades Detection with Clever Tricks (The Hacker News)
- Analysis of the SoumniBot Android banker (Securelist)
- Android banking malware exploits weaknesses to perform info-stealing operations: Report (The Hindu)