AppLite: A New AntiDot Variant Targeting Mobile Employee Devices
Essential information
- Published: 11/12/2024 19:12
- Modified: 11/12/2024 19:35
- Tags: 2024-12-11 android applite banking trojan
- Related entities: 200 observables, 2 malware, 7 others
Description
A sophisticated mishing (mobile-targeted phishing) campaign delivers malware to Android devices, enabling credential theft from banking, cryptocurrency, and other critical applications. The campaign uses phishing domains to distribute a new variant of the AntiDot banking trojan, dubbed AppLite Banker. Attackers pose as recruiters and trick victims into downloading a malicious app that then installs AppLite. The malware can masquerade as enterprise apps, Chrome, and TikTok, and it enables device takeover and access to applications on the device. It uses ZIP manipulation, WebSocket communication, and overlay attacks to evade detection and steal credentials. AppLite targets users across multiple languages and focuses on banking, cryptocurrency, and finance apps in various countries.