Welcome to our

Cyber Security News Aggregator

.

Cyber Tzar

provide a

cyber security risk management

platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.

DoubleTrouble – Zimperium uncovers new banking trojan

published on 2025-08-05 08:21:03 UTC by Millie Marshall Loughran
Content:

Zimperium has announced new findings from its zLabs team on an evolving mobile banking trojan dubbed DoubleTrouble.

The malware reportedly disguises itself using random two-word method names and has rapidly grown in sophistication – adding screen recording, advanced keylogging and new UI overlay capabilities designed to steal credentials and manipulate infected devices.

DoubleTrouble: Leveraging Discord-hosted APKs

Originally spread through phishing sites posing as European banks, DoubleTrouble is said to leverage Discord-hosted APKs to distribute malware in its latest campaign.

Zimperium has articulated that this shift marks a disturbing trend toward social media platforms being used as delivery channels for mobile malware.

Using obfuscation techniques and Android’s Accessibility Services, DoubleTrouble reportedly bypasses traditional detection methods and silently performs a range of malicious actions, including:

  • Stealing lock screen credentials using fake UI overlays
  • Recording screen content to capture usernames, passwords and OTPs
  • Blocking legit banking and security apps with fake “system maintenance” messages
  • Logging every keystroke in real time
  • Mimicking trusted apps with tailored HTML overlays to phish sensitive data

“Mobile threats are growing more evasive”

Kern Smith, VP of Solutions Engineering, Zimperium commented: “As attackers shift to mobile-first strategies and use dynamic delivery methods like Discord to evade traditional defences, organisations need real-time, on-device protection.

“DoubleTrouble is a stark reminder that mobile threats are growing more evasive and more dangerous, targeting everything from banking credentials to cryptocurrency wallets.”

Article: DoubleTrouble – Zimperium uncovers new banking trojan - published 2 months ago.

https://securityjournaluk.com/doubletrouble-zimperium-banking-trojan/   
Published: 2025 08 05 08:21:03
Received: 2025 08 05 08:23:51
Feed: Security Journal UK
Source: Security Journal UK
Category: Security
Topic: Security
Views: 12

Custom HTML Block

Click to Open Code Editor