TLDR:
Android Malware-as-a-Service “Coper” offers advanced features to hackers, including keylogging, interception of push notifications and SMS messages, and control over infected device screens. The malware, a descendant of the Exobot family, targets users in countries like Portugal, Spain, Turkey, and the United States. It uses VNC for remote access and encryption techniques to evade detection, and it communicates with a C2 server to collect victim device information. Indicators of compromise and C2 infrastructure details have been identified, showcasing the extent of the malware’s capabilities.
Android Malware-as-a-Service “Coper” is a descendant of the Exobot malware family and was first distributed as a fake version of Bancolombia’s ‘Personas’ application.
The malware offers advanced features such as keylogging, interception of push notifications and SMS messages, and control over infected device screens.
The malware targets users in countries like Portugal, Spain, Turkey, and the United States.
The malware uses VNC for remote access and encryption techniques for evasion, and it communicates with a C2 server to collect victim device information.