search

chartingshow / crypto-firewall

🎁 Blocks browser-based crypto mining, cryptojacking, banking and crypto malware and phishing websites, apps and hackers command-and-control (C2) servers.
GNU General Public License v3.0
7 stars 0 forks source link

Block `Vultur` banking malware being used on Android devices #480

Closed summercms closed 2 months ago

summercms commented 2 months ago

Enhancement idea

Description

Vultur is one of the first Android banking malware families to include screen recording capabilities. It contains features such as keylogging and interacting with the victim’s device screen. Vultur mainly targets banking apps for keylogging and remote control.

Links

https://blog.fox-it.com/2024/03/28/android-malware-vultur-expands-its-wingspan/

IOC

I2P websites

n/a

IPFS websites

n/a

Tor2web websites

n/a

TOR websites

n/a

URL's

n/a

Folders

n/a

Sub-Domains

flandria171.appspot.com
newyan-1e09d.appspot.com

The domain appspot.com offers developers an infrastructure to build, deploy and scale applications, websites, and services.

Domains

053105.com
092877.com
353934.com
581574.com
582342.com
582630.com
593942.com
784503.com
908713.com
930204.com
960232.com
cloudmiracle.store
safetyfactor.online

IP's

n/a

ASN's

n/a

Emails

n/a

Wallet addresses

n/a

Mining pool addresses

n/a