Cleafy, a cybersecurity firm, encountered a new Android malware known as 'BingoMod', which targets victims' bank accounts for fraudulent transfers and then wipes the devices to obstruct forensic analysis. The malware uses On Device Fraud (ODF) techniques to bypass the authentication and identification processes established by banks. The attack mainly affected devices using the English, Romanian, and Italian languages. Consequences include compromised financial information and significant leaks of personal data belonging to customers of the affected banking services. The nature of the attack also implies a potentially ruinous impact on the banks' reputations and operational integrity.
Source: https://securityaffairs.com/166410/malware/bingomod-android-rat.html
TPRM report: https://scoringcyber.rankiteo.com/company/cleafy
{
  "id": "cle002080624",
  "linkid": "cleafy",
  "type": "Ransomware",
  "date": "8/2024",
  "severity": "100",
  "impact": "4",
  "explanation": "Attack with significant impact with customers data leaks"
}
{'affected_entities': [{'industry': 'Financial',
                        'location': ['English-speaking regions',
                                     'Romania',
                                     'Italy'],
                        'type': 'Banking Services'}],
 'attack_vector': 'Mobile Devices',
 'data_breach': {'data_exfiltration': True,
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Financial Information',
                                              'Personal Data']},
 'description': 'Cleafy, a cybersecurity firm, encountered a new Android '
                "malware known as 'BingoMod' which targets victims' bank "
                'accounts for fraudulent transfers and then wipes the devices '
                'to obstruct forensic analysis. This malware utilizes On '
                'Device Fraud (ODF) techniques to bypass authentication and '
                'identification processes established by banks. The attack '
                'mainly affected devices using English, Romanian, and Italian '
                'languages. Consequences include compromised financial '
                'information and significant personal data leaks of customers '
                'using the affected banking services. The nature of the attack '
                "also implies a potential ruinous impact on the banks' "
                'reputations and operational integrity.',
 'impact': {'brand_reputation_impact': 'Potentially Ruinous',
            'data_compromised': ['Financial Information', 'Personal Data'],
            'systems_affected': ['Android Devices']},
 'initial_access_broker': {'entry_point': 'Android Devices'},
 'motivation': 'Financial Gain',
 'title': 'BingoMod Android Malware Incident',
 'type': 'Malware',
 'vulnerability_exploited': 'On Device Fraud (ODF) techniques'}