Asacube Botnet 2024 - Targeting Android Banking Users

[FreyaZone1 DF Member Posts:32 Threads:22 Reputation 0]

4 ShareMega-NZMirroredMedia Fire 
What is Asacube Android Banking Botnet 2024?Asacube is a modular banking trojan that functions as part of a botnet, meaning infected devices are controlled remotely by cybercriminals. It uses Android Accessibility Services to gain deep system access, enabling it to byass security measures, read notifications, and auto-click buttons without user interaction.
 
Detailed Features of Asacube 20241. Overlay Attacks (Fake Login Screens)

• Displays realistic fake banking app screens to steal credentials.
  
• Supports multiple banking apps (Chase, Wells Fargo, Revolut, Binance, etc.).
  

2. SMS Interception & 2FA Bypass

• Reads incoming SMS messages (TAN codes, OTPs).
  
• Can auto-delete security SMS alerts to hide fraud.
  

3. Keylogging & Screen Recording

• Logs keystrokes to capture passwords.
  
• Records screen activity to monitor user behavior.
  

4. Anti-Detection & Persistence

• Hides app icon after installation.
  
• Uses obfuscated code to evade Google Play Protect.
  
• Reinstalls itself if uninstalled (via persistence scripts).
  

5. Botnet Functionality

• Infected devices join a DDoS network when idle.
  
• Can spread via WhatsApp/SMS phishing links.
  

6. Advanced Exploits

• Exploits Android zero-day vulnerabilities (if available).
  
• Roots devices for deeper access (on vulnerable phones).
  

7. Remote Control via C2 Server

• Receives real-time commands from attacker-controlled servers.
  
• Can unlock devices, install additional malware, or wipe logs.