From ehackingnews.com
Fake banking apps laced with malware remain a crucial factor in the success of threat actors. For the Yanbian gang, a criminal group in Yanbian, China that targets organizations across Asia, it’s a skill they have been honing for more than a decade.
Since 2013, the Yanbian Gang has been targeting South Korean Android mobile banking customers with malicious Android apps impersonating major banks, including Shinhan Savings Bank, Saemaul Geumgo, Shinhan Finance, KB Kookmin Bank, and NH Savings Bank. RiskIQ’s threat research team examined some of the threat group’s most recent activity in this vector to examine their malware of choice as well as the large-scale hosting infrastructure they use to distribute and control it.