Asacub is a Trojan that targets Banks

A banking Trojan is a type of malware that installs itself on the mobile device and uses certain techniques to steal money from users’ credit cards. Recent versions of Asacub do this by tricking the user into entering their credit card credentials through phishing screens. Obviously, these data do not end in a real bank.

At first, the researchers suggested that this Trojan exclusively targeted Russia and Ukraine, as the phishing resembled the login screens of some Russian and Ukrainian banks. However, continuing their investigation, Kaspersky Lab researchers identified an additional version intended for US users, as another phishing screen displayed the logo of a major US bank. In addition to fake login screens, the malware does not use other methods to steal credit card details; Hence, it appears that the creators of Asacub have only targeted a few select banks.

However, Asacub is much more than just a phishing scam, even though it was a simple malware in its early days, it evolved from the lower ranks of the malware hierarchy.

The earliest modifications that we have news of appeared in the first half of June 2015, and due to their characteristics, they were closer to Trojan spies than to banking malware. At first Asacub stole all incoming SMS, regardless of who the sender was, and sent them to the crooks’ server.

In the second half of July 2015, new Asacub modifications appeared. The examples that we know of used logos of European financial institutions in their interface, in contrast to the first versions of the Trojan, which used the logo of one of the largest banks in the United States.

See also:
Janeleiro is a threat to personal and banking data
Spear Phishing attempt of data theft
What variants of Trojans can we find on the Internet?

---