A New Compact Variant Discovered

216.73.216.233

A New Compact Variant Discovered

· Published 26/06/2024 08:23 · Modified 26/06/2024 08:56

Essential information

Published: 26/06/2024 08:23
Modified: 26/06/2024 08:56
Tags: 2024-06-26 android fraud medusa tanglebot trojan
Related entities: 50 observables, 1 intrusion sets (apt), 8 techniques (mitre), 2 malware, 6 others

Description

Security researchers at Cleafy Labs detected a resurgence of the Medusa banking trojan, which targets Android devices for on-device fraud. The new variant exhibits a lightweight permission set, expanded geographical targeting, and the adoption of droppers for distribution. It introduces capabilities like full-screen overlays and remote app uninstallation while removing some previous functionalities. The malware's evolving tactics, including minimizing permissions for stealth and experimenting with novel distribution methods, underscore its growing threat.

External references

https://www.cleafy.com/cleafy-labs/medusa-reborn-a-new-compact-variant-discovered
https://otx.alienvault.com/pulse/667bd010511c7d2bf93bd475