This study focuses on the harmful Anatsa code, a trojan especially designed for Android devices that has been present in multiple fraudulent SMS schemes since 2020, in which logistics companies are impersonated in an attempt to get the user to install a malicious application.
Through this study, a detail technical analysis of the threat is undertaken, with a sample of the malicious code, which belongs to the Mekotio family, with the main aim of identifying the actions this software carries out, using the set of tools used by this team of analysts.
This study focuses on the malicious code FluBot, a Trojan specially designed for Android devices and which has been present in multiple fraudulent SMS campaigns since 2020, in which it spoofs logistics companies seeking to have the user install a malicious application.
This study contains a detailed technical report prepared after analysing a sample of malicious code identified as Cring, the main purpose of which is to identify the actions it carries out, by performing an advanced analysis of the sample, using the set of tools used by the team of analysts.
This study, conducted after analysing a sample of malware from the WannaMine family, with the main purpose of identifying the actions it performs and how it spreads, as well as identifying the family it belongs to and possible destructive effects it may cause, to know it and be able to take adequate prevention and response action.
This report contains a summary of the methodology followed as well as the main findings and results obtained after completion of the study in order to understand the context and dynamics of the R&D and innovation activity related to cybersecurity in Spain.
INCIBE publishes the study on “Cyber exercises taxonomy” with the aim of proposing a taxonomy of cyber exercises that can become a useful tool for the national and international cybersecurity community.