Brazilian Phishing Campaign Uses Trojanized App to Spread Malware

A sophisticated phishing campaign has been uncovered in Brazil, targeting users with a trojanized version of the Red Alert rocket warning app.

The malware, named BeatBanker, masquerades as a legitimate application and spreads via a fake Google Play Store page. It targets devices with both a cryptocurrency miner and a banking Trojan, making it a multi-layered attack campaign.

BeatBanker exploits public safety concerns, especially during times of geopolitical tension, to deceive victims into installing the trojanized app. The infection chain begins once the victim installs the app, which displays a fake Google Play Store interface that prompts an 'update' to download additional malicious payloads.