Home OSINT News Signals
CYBER

BeatBanker: A dual‑mode Android Trojan

FC
Falcon Cyber Desk
2026-03-10
🕓 1 min read

BeatBanker: A dual‑mode Android Trojan

Recently, we uncovered BeatBanker, an Android‑based malware campaign targeting Brazil. It spreads primarily through phishing attacks via a website disguised as the Google Play Store. To achieve their goals, the malicious APKs carry multiple components, including a cryptocurrency miner and a banking Trojan capable of completely hijacking the device and spoofing screens, among other things. In a more recent campaign, the attackers switched from the banker to a known RAT. This blog post outlines each phase of the malware’s activity on the victim’s handset, explains how it ensures long‑term persistence, and describes its communication with mining pools. The campaign begins with a counterfeit website, cupomgratisfood[.]shop, that looks exactly like the Google Play Store. This fake app store contains the “INSS Reembolso” app, which is in fact a Trojan. There are also other apps that are most l

Source: https://securelist.com/beatbanker-miner-and-banker/119121/

Telegram X LinkedIn
Back to News
OSINT BotDeep intelligence on any target
News ChannelReal-time cyber & crypto alerts
Read Also
index
Yardeni Research President Says Stock Market Has Already Bottomed – Here’s Why
XRP’s Price is Crashing Again and This Key Level Could Decide Everything
XRP slips to $1.31 after failed breakout as liquidity dries up