Mobile version of Escanor (“Esca RAT”) is actively used by Cybercriminals to attack online-banking consumers by interception of OTP codes.
Esca RAT can be used to collect GPS coordinates of the victim, activate hidden cameras, monitor keystrokes, and browse files on remote mobile devices to steal data.
“Fraudsters monitor the location of the target, steal credentials of online-banking platforms and perform unauthorized access from the same device and IP – in such cases fraud prevention teams are not able to detect it and react timely”
– said Ali Saifeldin A malware analyst with Resecurity, Inc. who investigated several recent online-banking theft cases.
Escanor infected the majority of victims in the U.S., Canada, UAE, Kuwait, Bahrain, Egypt, Saudi Arabia, Mexico, Israel, and Singapore with some infections in South-East Asia.