AttackMalware Families

BlankBot: A newly identified Android banking Trojan equipped with advanced features such as screen recording, keylogging, and remote control capabilities.

Admin
Banking Trojan

Cybersecurity researchers have uncovered a new Android banking trojan called BlankBot which targets Turkish users in an attempt to steal financial data.

Summary:
Researchers at Intel 471 Malware Intelligence discovered BlankBot in July 2024. It is a new Android banking Trojan that most likely targets Turkish users. Malicious features of BlankBot involve injections, keylogging, screen recording, and WebSocket connection with a control server. Antivirus software misses the majority of samples, yet the existence of logs and different codes implies the malware is still under development. In a report released last week, Intel 471 said.

BlankBot incorporates many of the features found in other banking Trojans but takes them a step further. Some key distinctions include:

  1. Advanced Screen Recording: Unlike its predecessors, BlankBot can capture real-time video of the device’s screen, potentially exposing sensitive information beyond just keystrokes.
  2. Sophisticated Remote Control: BlankBot offers attackers unprecedented control over infected devices, allowing for more complex and targeted attacks.
  3. Enhanced Anti-detection: BlankBot employs advanced techniques to evade detection by antivirus software and security researchers, making it more persistent and difficult to remove.
  4. Comprehensive Cryptocurrency Theft: While some Trojans have limited capabilities in this area, BlankBot is designed to target a wide range of cryptocurrency wallets.

Below is a list of some of the malicious APK files that include BlankBot. –
app-release.apk (com.abcdefg.w568b)
app-release.apk (com.abcdef.w568b)
app-release-signed (14).apk (com.whatsapp.chma14)
app.apk (com.whatsapp.chma14p)
app.apk (com.whatsapp.w568bp)
showcuu.apk (com.whatsapp.w568b)

IOC:
BlankBot APK SHA-256:
7d5b6bcc9b93aedc540e76059ee27841a96acb9ea74a51545dfef18b0fcf5b57
6fc672288e68146930b86c7a3d490f551c8d7a7e8ba3229d64a6280118095bea
ad9044d9762453e2813be8ab96b9011efb2f42ab72a0cb26d7f98b9bd1d65965
b4b4b195e14e9fda5a6d890ddb57f93ef81d6d9a976078354450ee45d18c89e3
8d6ca64e4c3c19587405e19d53d0e2f4d52b77f927621d4178a3f7c2bf50c2ea
d163cc15a39fb36391bd67f6eaada6691f0c7bc75fc80282a4a258244163e12a
6681b0613fc6d5a3e1132f7499380eb9db52b03ab429f0c2109a641c9a2ea4d3
11751c6aa3e5c44c92765876bc9cd46da90f466b9924b9b1993fa1c91157681d
fc5099e5be818f8268327aaf190cd07b4b4ebb04e9d63eefa5a04ea504f93d62

BlankBot control servers:
79.133.41.52
185.255.92.185

Found this article interesting? Follow us on X(Twitter) and LinkedIn to read more exclusive content we post.

Related Posts

905 thoughts on “BlankBot: A newly identified Android banking Trojan equipped with advanced features such as screen recording, keylogging, and remote control capabilities.

  363. My partner and I absolutely love your blog and find many of your post’s to be what precisely I’m looking for. Would you offer guest writers to write content for you personally? I wouldn’t mind producing a post or elaborating on a few of the subjects you write related to here. Again, awesome site!

    Reply

  370. Great post. I was checking constantly this blog and I’m impressed! Extremely useful info specially the last part 🙂 I care for such information a lot. I was seeking this certain information for a long time. Thank you and best of luck.

    Reply

  387. Thanks for the strategies presented. One thing I should also believe is credit cards presenting a 0 rate of interest often bait consumers in zero rate, instant approval and easy on-line balance transfers, nonetheless beware of the most recognized factor that will void your 0 easy street annual percentage rate and as well as throw one out into the very poor house rapid.

    Reply

  392. I am really impressed with your writing skills and also with the layout on your weblog. Is this a paid theme or did you modify it yourself? Either way keep up the nice quality writing, it抯 rare to see a great blog like this one today..

    Reply

  461. Thanks for the interesting things you have exposed in your short article. One thing I would really like to discuss is that FSBO human relationships are built over time. By introducing yourself to the owners the first weekend break their FSBO can be announced, prior to the masses start calling on Wednesday, you generate a good association. By sending them instruments, educational materials, free accounts, and forms, you become a great ally. By subtracting a personal interest in them in addition to their problem, you develop a solid relationship that, oftentimes, pays off once the owners opt with an agent they know as well as trust – preferably you actually.

    Reply

  468. Wow, marvelous blog structure! How lengthy have you ever been running a blog for? you make blogging glance easy. The full glance of your website is fantastic, as smartly as the content material!

    Reply

  489. Thanks for your write-up on the travel industry. I will also like to include that if you are a senior considering traveling, it can be absolutely crucial to buy travel cover for golden-agers. When traveling, seniors are at biggest risk of experiencing a medical emergency. Getting the right insurance plan package for one’s age group can safeguard your health and provide you with peace of mind.

    Reply

  490. First off I would like to say superb blog! I had a quick question which I’d like to ask if you don’t mind. I was interested to find out how you center yourself and clear your thoughts before writing. http://www.kayswell.com I have had a difficult time clearing my mind in getting my ideas out there.I truly do take pleasure in writing but it just seems like the first 10 to 15 minutes are

    Reply

  492. Thanks for your publication. What I want to comment on is that when evaluating a good online electronics store, look for a web site with total information on critical indicators such as the personal privacy statement, safety measures details, payment guidelines, along with terms and policies. Often take time to look into the help as well as FAQ areas to get a greater idea of how a shop performs, what they are capable of doing for you, and the way you can make best use of the features.

    Reply

  493. One thing is that when you find yourself searching for a education loan you may find that you will want a cosigner. There are many scenarios where this is correct because you will find that you do not employ a past credit standing so the loan provider will require that you’ve got someone cosign the financing for you. Thanks for your post.

    Reply

  499. Very nice post. I just stumbled upon your weblog and wished to say that I’ve really enjoyed browsing your blog posts. After all I’ll be subscribing to your feed and I hope you write again soon!

    Reply

  500. Hi there! This is kind of off topic but I need some guidance from an established blog. Is it difficult to set up your own blog? I’m not very techincal but I can figure things out pretty fast. I’m thinking about creating my own but I’m not sure where to begin. Do you have any points or suggestions? Many thanks

    Reply

  502. Wow, incredible blog layout! How long have you been blogging for? you made blogging look easy. The overall look of your web site is excellent, let alone the content!

    Reply

  503. Hi, Neat post. There is a problem with your site in web explorer, might test this? IE still is the market chief and a large component of other people will leave out your wonderful writing because of this problem.

    Reply

  504. I haven’t checked in here for a while because I thought it was getting boring, but the last few posts are good quality so I guess I’ll add you back to my daily bloglist. You deserve it my friend 🙂

    Reply

  509. Very nice post. I just stumbled upon your weblog and wished to say that I’ve truly enjoyed surfing around your blog posts. After all I will be subscribing to your feed and I hope you write again very soon!

    Reply

  513. Somebody essentially assist to make critically posts I would state. That is the first time I frequented your website page and to this point? I amazed with the research you made to make this actual put up amazing. Magnificent task!

    Reply

  521. Pretty great post. I just stumbled upon your weblog and wanted to say that I have really loved browsing your weblog posts. After all I’ll be subscribing on your feed and I hope you write once more very soon!

    Reply

  522. Hello there! I could have sworn I’ve been to this blog before but after checking through some of the post I realized it’s new to me.Anyways, I’m definitely glad I found it and I’ll be bookmarking and checking back frequently!

    Reply

  523. Hi there, just became alert to your blog through Google,and found that it is truly informative. I am gonna watch outfor brussels. I’ll be grateful if you continue this in future.Lots of people will be benefited from your writing.Cheers!

    Reply

  526. Greate article. Keep posting such kind of info on your site. Im really impressed by your site. Hi there, You have done an excellent job. I’ll definitely digg it and individually suggest to my friends. I am sure they will be benefited from this web site.

    Reply

  527. Interesting article. It is unfortunate that over the last decade, the travel industry has had to deal with terrorism, SARS, tsunamis, bird flu, swine flu, plus the first ever entire global recession. Through it all the industry has proven to be powerful, resilient as well as dynamic, getting new approaches to deal with adversity. There are constantly fresh issues and opportunity to which the sector must once again adapt and respond.

    Reply

  528. Pretty nice post. I just stumbled upon your weblog and wanted to say that I’ve truly enjoyed surfing around your blog posts. After all I’ll be subscribing to your rss feed and I hope you write again very soon!

    Reply

  529. Right here is the perfect blog for everyone who hopes to find out about this topic. http://www.ifashionstyles.com You understand so much its almost hard to argue with you (not that I actually will need to…HaHa). You definitely put a freshspin on a topic that has been written about for decades.Excellent stuff, just great!

    Reply

  530. Nice post. I learn something new and challenging on sites I stumbleupon everyday. It’s always exciting to read through content from other authors and practice a little something from other web sites.

    Reply

  532. Great blog you’ve got here.. It’s difficult to find excellent writing like yours these days. I seriously appreciate individuals like you! Take care!!

    Reply

  538. This is very attention-grabbing, You are an excessively professional blogger.I’ve joined your feed and stay up for in quest of extra of your fantastic post. Also, I have shared your web site in my social networks。

    Reply

  539. Oh my goodness! Incredible article dude! Many thanks, However I am experiencing problems with your RSS. I don’t understand the reason why I cannot join it. Is there anybody having the same RSS issues? Anyone that knows the solution will you kindly respond? Thanx!! http://www.ifashionstyles.com

    Reply

  540. Hey very nice web site!! Man .. Beautiful .. Amazing .. I will bookmark your site and take the feeds also…I am happy to find a lot of useful information here in the post, we need develop more strategies in this regard, thanks for sharing. . . . . .

    Reply

  541. Another issue is that video games are typically serious as the name indicated with the primary focus on knowing things rather than amusement. Although, it comes with an entertainment factor to keep your children engaged, each and every game is usually designed to work with a specific group of skills or program, such as mathematics or scientific discipline. Thanks for your posting.

    Reply

  542. You’re so interesting! I don’t suppose I have read something like this before. So nice to discover another person with a few genuine thoughts on this subject. Seriously.. many thanks for starting this up. This web site is something that’s needed on the web, someone with a little originality!

    Reply

  546. Great post. I was checking continuously this blog and I’m impressed! Extremely useful information specifically the last part 🙂 I care for such info much. I was seeking this certain information for a long time. Thank you and good luck.

    Reply

  548. Your mode of explaining everything in this piece of writing is genuinely pleasant, every one be capable of simply be aware of it, Thanks a lot.

    Reply

  551. Good day! Would you mind if I share your blog with my zynga group?There’s a lot of folks that I think would really enjoy your content. Please let me know. Cheers

    Reply

  552. I do agree with all of the ideas you have presented in your post. They are very convincing and will definitely work. Still, the posts are very short for newbies. Could you please extend them a bit from next time? Thanks for the post.

    Reply

  553. Admiring the time and effort you put into your site and detailed information you offer. It’s good to come across a blog every once in a while that isn’t the same unwanted rehashed information. Wonderful read! I’ve bookmarked your site and I’m adding your RSS feeds to my Google account.

    Reply

  570. Hello my loved one! I wish to say that this post is amazing, great written and include approximately all significant infos. I would like to peer extra posts like this .

    Reply

  605. Hiya! Quick question that’s totally off topic. Do you know how to make your site mobile friendly? My site looks weird when browsing from my apple iphone. I’m trying to find a template or plugin that might be able to correct this issue. If you have any suggestions, please share.

    Reply

  696. I’m not sure where you’re getting your info, but great topic. I needs to spend some time learning more or understanding more. Thanks for great info I was looking for this information for my mission.

    Reply

  779. Hi, Neat post. There’s a problem with your web site in internet explorer, would test this?IE still is the market leader and a large portion of people will miss your fantastic writing due to this problem.

    Reply

  861. Slot tại xn88 win có tính năng “tạm dừng” – nếu có việc đột xuất, bạn có thể pause ván chơi và quay lại sau mà không mất tiền cược hay vòng quay đang diễn ra. TONY12-30

    Reply

  896. Avia Masters de BGaming es un juego crash con RTP del 97% donde apuestas desde 0,10€ hasta 1.000€, controlas la velocidad de vuelo de un avion que recoge multiplicadores (hasta x250) mientras evita cohetes que reducen ganancias a la mitad, con el objetivo de aterrizar exitosamente en un portaaviones para cobrar el premio acumulado
    feg.org.es

    Reply

  897. Avia Masters de BGaming es un juego crash con RTP del 97% donde apuestas desde 0,10€ hasta 1.000€, controlas la velocidad de vuelo de un avion que recoge multiplicadores (hasta x250) mientras evita cohetes que reducen ganancias a la mitad, con el objetivo de aterrizar exitosamente en un portaaviones para cobrar el premio acumulado
    https://share.google/cZmrtPSiGY5DgiFrZ

    Reply

  898. Hi I am so delighted I found your blog page, I really found you by accident, while I was browsing on Aol for something else, Regardless I am here now and would just like to say cheers for a fantastic post and a all round interesting blog (I also love the theme/design), I don’t have time to read it all at the moment but I have saved it and also included your RSS feeds, so when I have time I will be back to read much more, Please do keep up the great job.
    casino zumospin

    Reply

  901. La esencia fundamental de AviaMasters es su revolucionario gameplay aГ©reo. Contrario a otros crash games, aquГ­ mГЎs allГЎ de ver, sino que tambiГ©n sientes la tensiГіn de cada decisiГіn.

    aviamasters.nom.es

    Reply

  902. Hệ thống khuyến mãi tại game 66b không chỉ hấp dẫn mà còn rất thực tế: từ tiền cược miễn phí không cần nạp, hoàn trả tuần lên tới 2%, đến quà sinh nhật và ưu đãi VIP theo cấp bậc – chơi càng nhiều, lợi càng lớn. TONY02-02O

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *