SOVAAndroid

SOVA Android banking trojan. Chrome overlay, cookie steal, VNC, ransomware module. 200+ banks target.

Threat Profile
Type Botnet
Programming LanguageJava
C2 ProtocolHTTP/WebSocket
First Seen2021
Targets Android/Finans
Purpose / Capabilities
  • Android Banking Trojan
No C2 servers have been identified for this family yet.

Research Reports (2)

Critical

SOVA Android Banking Trojan -- 2.4MB APK, Accessibility Servis Overlay, Chrome Hedefi | Kritik

SOVA Android 2.4MB. AccessibilityService overlay. Chrome hedefi. 200+ banka uygulaması. Rus siber suç forumu.

Read Report →
Critical

SOVA Android -- dump.apk 6.5MB, assets/chrome.html Sahte Overlay, C2apc Config | Kritik

SOVA Android dump.apk 6.5MB. assets/chrome.html sahte Chrome overlay. C2apc config. Bankacılık trojanı.

Read Report →