Unusual Android malware distribution vector - physical analog letter ✉️ Fake letters were sent to people at their home addresses to download "Severe Weather Warning App" via the attached QR code. #Coper AKA #Octo2 banking malware is downloaded instead. ncsc.admin.ch/ncsc/en/home/a…
IoC:
Delivery URL: mspa-constabulary[.]org/Alertswiss_bind_sign.apk
Sample: bazaar.abuse.ch/sample/4928c56…
C&C: 64.7.198[.]190
Thanks to @abuse_ch
@androidmalware2 That looks good, it's even in perfect German. Not like the spam mails in my mailbox. 😆
@androidmalware2 What a creative and targeted vector.