Nearly a year after its first appearance, Aberebot, the Android banking trojan, has reappeared with a new name as Escobar .
This Escobar variant can steal banking credentials through overlay login forms, take screenshots, and record audio . This trojan is so sophisticated that it can steal MFA codes and even remotely control the victim’s device through VNC integration.
Escobar Banking Trojan in Wild
As per reports, the new Escobar malware is the second edition of Aberebot , which first appeared in the summer of last year . Later, the MalwareHunter team found this Escobar Bot Android Banking Trojan lurking around as the McAfee app.
BleepingComputer found that a seller in a Russian forum is selling the Escobar bot beta version for $3,000 and later at $5,000. This can do a wide range of activities like stealing credentials, taking screenshots and even controlling a device remotely!
Possible interesting, very low detected “McAfee9412.apk”: a9d1561ed0d23a5473d68069337e2f8e7862f7b72b74251eb63ccc883ba9459f From: https://cdn.discordapp[.]com/attachments/900818589068689461/948690034867986462/McAfee9412.apk “com.escobar.pablo” ???? pic.twitter.com/QR89LV4jat — MalwareHunterTeam (@malwrhunterteam) March 3, 2022
