Updated on 2022-10-28: ERMAC v2
QuoIntelligence published an in-depth analysis of ERMAC v2, an Android banking trojan that was first spotted last year and which got updated to v2 earlier this year in May.
Read more:
- ERMAC 2.0 Evades MFA to Steal Banking Credentials of Over 400 Android Apps
- ERMAC – another Cerberus reborn
A new #Android banker ERMAC 2.0 impersonates #Bolt Food and targets 🇵🇱 Polish users.
Available for rent on underground forums for $5K/month since March 2022, ERMAC 2.0 already has an active campaign. #ESETresearch @LukasStefanko 1/3 pic.twitter.com/hGeD4ZSwve— ESET research (@ESETresearch) May 18, 2022
Updated on 2022-10-29
Cyble detected a mass phishing campaign targeting Android users with the ERMAC banking trojan. The latest version of the trojan targets 467 apps. Read more: ERMAC Android Malware Increasingly Active
Overview: ERMAC reaches v2
ESET said that it has discovered what appears to be the next iteration of the ERMAC Android trojan, which the company dubbed ERMAC 2.0. The first version of this trojan was spotted last year by ThreatFabric.
A new #Android banker ERMAC 2.0 impersonates #Bolt Food and targets 🇵🇱 Polish users.
Available for rent on underground forums for $5K/month since March 2022, ERMAC 2.0 already has an active campaign. #ESETresearch @LukasStefanko 1/3 pic.twitter.com/hGeD4ZSwve— ESET research (@ESETresearch) May 18, 2022
