Priya PatelTLDR:
- A new Android malware threat called Ajina.Banker has been identified by security researchers in Central Asia.
- The malware is designed to steal financial information, including 2FA codes, making it particularly dangerous.
An Android malware threat known as Ajina.Banker has been discovered by security researchers targeting users of banking applications in Central Asia. This malware is specifically designed to steal financial information and credentials, including the interception of two-factor authentication (2FA) codes, making it a significant threat to user security.
The Ajina.Banker campaign was first spotted in May 2024, with thousands of malicious samples being detected. These samples were disguised as banking applications and apps for payments and deliveries, distributed through messaging platforms such as Telegram channels, rather than official app stores.
The malware campaign targeted countries including Armenia, Azerbaijan, Kazakhstan, Kyrgyzstan, Pakistan, Russia, Tajikistan, Ukraine, and Uzbekistan. However, the attacks have expanded beyond these regions, causing more victims in other countries as well.
To combat the threat of Ajina.Banker, Google advises all Android users to utilize Google Play Protect for protection against such threats. The company also introduced Play Protect Live service with AI-powered features to further enhance security.
Despite the risk of Ajina.Banker intercepting and copying 2FA codes, experts emphasize the importance of using 2FA as a crucial security measure. Credential theft remains a top priority for threat actors, making 2FA one of the most significant security protections available to users in the face of evolving malware threats like Ajina.Banker.
