Group-IB warns about malware targeting banking apps and crypto wallets in Vietnam
Group-IB, a cybersecurity firm, has discovered a malware designed to steal funds from financial organizations and crypto wallets in Vietnam.
In a blog post on Oct. 4, Group-IB said Android devices are the primary targets of the GoldDigger trojan. It is distributed through false versions of the Vietnamese government application on the Google Play Store.
Fake website distributing GoldDigger | Source: Group-IB You might also like: Australian police seize $1.5m in crypto from dark web drug dealer
The malware uses the Android Accessibility service to pilfer personal information, passwords, banking credentials, intercept SMS messages, and mimic user actions.
Group IB says the malware has been active since at least June 2023, and it is protected with Virbox Protector, which provides advanced obfuscation and encryption.
Chinese and Spanish versions of GoldDigger have also been identified, indicating that the trojan may soon be active in these countries.
Group-IB advises Android users to avoid downloading apps from outside the Google Play Store and check the permissions an application requests after downloading.
Read more: Chainalysis Report: Vietnam Takes Top Spot in Global Crypto Adoption