Latest version of Svpeng targets users in US
Almost a year ago, we wrote our first blog about the mobile Trojan Svpeng. Back then, the first impression was that it was a standard Trojan-SMS class malicious program that stole money from SMS banking accounts.
Later we discovered that the cybercriminals had perfected the Trojan’s functionality and it had begun attacking mobile banking users, in particular, customers of three of Russia’s biggest banks. Svpeng would wait until the user opened an online banking app and then replace it with its own in an attempt to obtain the victim’s login and password. The Trojan also attempted to steal bank card details by displaying its own window on top of the Google Play app and requesting the information the criminals wanted.