SOVAAndroid
SOVA Android banking trojan. Chrome overlay, cookie steal, VNC, ransomware module. 200+ banks target.
Threat Profile
Type
Botnet
Programming LanguageJava
C2 ProtocolHTTP/WebSocket
First Seen2021
Targets
Android/Finans
Purpose / Capabilities
- Android Banking Trojan
No C2 servers have been identified for this family yet.
Research Reports (2)
SOVA Android Banking Trojan -- 2.4MB APK, Accessibility Servis Overlay, Chrome Hedefi | Kritik
SOVA Android 2.4MB. AccessibilityService overlay. Chrome hedefi. 200+ banka uygulaması. Rus siber suç forumu.
Read Report →SOVA Android -- dump.apk 6.5MB, assets/chrome.html Sahte Overlay, C2apc Config | Kritik
SOVA Android dump.apk 6.5MB. assets/chrome.html sahte Chrome overlay. C2apc config. Bankacılık trojanı.
Read Report →