August 29, 2023 BleepingComputer published A novel Android banking malware named MMRat utilizes a rarely used communication method, protobuf data serialization, to more efficiently steal data from compromised devices.
MMRat was spotted for the first time by Trend Micro in late June 2023, primarily targeting users in Southeast Asia and remaining undetected on antivirus scanning services like VirusTotal.
While the researchers do not know how the malware is initially promoted to victims, they found that MMRat is distributed via websites disguised as official app stores.
The victims download and install the malicious apps that carry MMRat, usually mimicking an official government or a dating app, and grant risky permissions like access to Android's Accessibility service during installation. Read More..