Infosecurity Magazinereports that Android devices across Europe have been subjected to social engineering attacks involving the newly emergent Miraxbanking trojan, which features both remote access and residential proxy capabilities, with the malware-as-a-service payload having already targeted over 200,000 accounts belonging to Spanish-speaking users.Intrusions commence with the proliferation of illicit ads on Facebook and Instagram that redirect to fraudulent IPTV or streaming apps, which serve as droppers for GitHub-hosted Mirax malware that decrypts concealed payloads and creates WebSockets-based communication channels for remote device control and data compromise while bypassing automated analysis, according to a Cleafy advisory.With devices impacted by Mirax being turned into residential proxy nodes, threat actors could then divert illicit traffic using legitimate IP addresses, as well as facilitate account takeover and anonymized network attacks. Mirax’s emergence emphasizes the increasingly modular nature of mobile security threats, said researchers, who warned of the potential expansion of the malware attack campaign.
More
Newsletter
Subscribe to get the latest news, offers and special announcements.