Acecard
Acecard is the name of a mobile banking Trojan that targeted a large portion of the owners of Android mobile devices. The threat is believed to be spread via corrupted APK files imitating popular software such as video players, social media applications, photo editors, games and more. In some cases, the creators of Acecard also used fake names such as 'PornoVideo' to lure users in. Some samples of the Acecard also were hosted on the Google Play Store, so its authors had the know-how to bypass Google's security restrictions clearly. While the Acecard Trojan supports phishing overlays for a wide range of applications, the majority of its attacks appear to be concentrated in Russia, Germany, Austria, France and Australia.
The Acecard Android Trojan Relies on Phishing Overlays
The peak of Acecard's activity happened around 2016, and the malware received regular updates during this period. While the initial versions of Acecard only supported four commands from the attackers, the latest iterations of the malware were much more functional:
- Intercept incoming SMS messages.
- Execute USSD codes.
- Retrieve GPS coordinates.
- Intercept text messages from specific numbers only.
- Exfiltrate old text messages.
- List installed applications.
- Send text messages.
- Display a phishing overlay, which can be configured via additional parameters.
Surprisingly, the overlays that the Acecard Trojan uses to phish for login credentials target more than just financial institutions and banks. The threat also can try to hijack profiles used for various social media networks, and it is not fully clear why they want to do this. It is possible that they may want to use the hijacked profiles to propagate the malware to the victim's contacts.
Cybercriminals are willing to exploit any device, as long as it would allow them to gain access to information. Smartphones and tablets are not an exception, so you should not underestimate the importance of strengthening the security of your mobile devices. Staying safe from the Acecard is easy if you keep your Android device protected by an up-to-date anti-malware application.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.