The malware, in this case, was a data gathering one, designed to allow further exploitation of the victims. After securing form login information from the user, the malware transfers that data to a server controlled by the attackers, who can then use it to profile their victim. They then use that information to go after those who have financial control over the company they work for.In targeted attacks, they call them up and use a combination of social engineering and phishing to have them give the attacker further access to financial information, which can result in banking theft.....avoided detection by the 58 most common anti-viral applications
Banking trojans were eventually spotted showing fake overlays on top of Android Pay and other mobile payment apps, but also apps used for booking flights and hotel rooms.Now, researchers at Kaspersky Lab have found an Android trojan that collects payment card data from taxi & ride-hailing apps.This move makes perfect sense, as most ride-hailing apps won't even let users sign up if they don't enter payment card details. This means that users are conditioned to handing over payment card data.