Forwarded from Pegasus NSO & other spyware
Untangling Android/TangleBot. We dig in a malicious sample of⦠| Cryptax
Via @androidmalware
#Android #RAT #TangleBot #BankBot
We dig in a malicious sample of Android/TangleBot of May 2024. TangleBot is also reported as a BankBot, although it is more an Android RAT currently than a banking trojan. It is also known as Medusa, but I prefer not to use this name, as this confuses the Android malware with a Windows ransomware, or with the non-malicious and useful hacking tool Medusa.
An excellent analysis of TangleBot is available here. I invite you to read it to understand the history of TangleBot, how much the new versions have changed, who they target and what they do.
In this blog post, I will focus on something different: how to analyze the sample, and how it is implemented.Via @androidmalware
#Android #RAT #TangleBot #BankBot