Security researchers discovered two Android trojans—BankBot-YNRK and DeliveryRAT—targeting financial data. BankBot-YNRK uses accessibility services to steal credentials from 62 banking apps, harvest device data, and execute unauthorized transactions, while checking for emulated environments to evade detection. DeliveryRAT, distributed via fake delivery and banking apps, steals SMS messages and call logs while hiding its icon. Both malware families exploit Android permissions and accessibility features, with BankBot-YNRK limited to Android 13 and below due to security improvements in Android 14. Over 760 apps have also been found misusing NFC to steal contactless payment data.
Sort: