Group-IB researchers uncovered the malware that casts a wide net and is complete with fully automated features designed to steal both fiat and crypto currency from user accounts by leveraging a device’s Accessibility Service mode to bypass security bank features.
Gustuff has the potential to target users of more than 100 banking apps and is equipped with phishing pages to designed to trick Android users surfing the apps of major banks, including Bank of America, Bank of Scotland, J.P.Morgan, Wells Fargo, Capital One, TD Bank and PNC Bank as well as crypto services such as Bitcoin Wallet, BitPay, Cryptopay and Coinbase, researchers said.
Source: SC Magazine
