Report

How the Medusa Banking Trojan Exploits Social Networks

When the banking malware for Android known as Medusa initially launched, it exclusively attacked users of Turkish banking entities; now it attacks banking entities in the US, Canada, and Europe.

Medusa opens the accessibility systems on a victim’s device and displays an alert requesting permissions. The malicious app will continue to open the accessibility settings and display the alert until the permissions are granted. It also takes advantage of several social networks (including Telegram, ICQ, and Twitter) to store the address of the control server to which the trojan must connect.

Download our threat report How the Medusa Banking Trojan Exploits Social Networks to learn how this banking trojan:

sends commands to steal lists of contacts stored on an infected device
steals SMS messages to obtain one-time passcodes to authorize online banking transactions
shares an infected device’s screen with the attacker in real time.

Download the Report!

Download this Resource

Related Resources

Solution Guide

Report

How the Medusa Banking Trojan Exploits Social Networks

Download this Resource

Related Resources

Sign up for our newsletter

Stay Up-to-Date on Financial Risk Management

Report

How the Medusa Banking Trojan Exploits Social Networks

Download this Resource

Related Resources

What Is Behavioral Biometric Analysis?

Oscorp Threat Report: Cryptocurrency Theft Malware

Using Digital Trust to Stop Impersonation and Manipulation Attacks

Sign up for our newsletter

Stay Up-to-Date on Financial Risk Management