#AceNewsReport – Feb.09: Please note that Medusa has multiple botnets for every campaign, such as DHL or Flash Player, so we expect the numbers to be much higher and very close to what we are observing with Cabassous. At the time of writing, this side-by-side campaign is still ongoing.

#AceSecurityDesk says ThreatFabric analysts were able to retrieve the number of infected devices for one of the Medusa campaigns. In less then a month, this distribution approach allowed Medusa to reach more then 1500 infected devices in one botnet, masquerading as DHL.

After targeting Turkish financial organisations in its first period of activity in 2020, Medusa has now switched its focus to North America and Europe, which results in significant number of infected devices. Powered with multiple remote access features, Medusa poses a critical threat to financial organisations in targeted regions.

At the same time, Cabassous does not seem to have any intention of stopping its evolution. The major update that introduced DNS-tunneling through public DNS-over-HTTPS services has now been followed by a novel capability never seen before in mobile banking malware. In version 5.4 actors are able to abuse the “Notification Direct Reply” feature of Android OS while intercepting notifications, which allows them to manipulate notifications from targeted applications on victim’s device.

This blog covers Medusa banking Trojan new campaigns, gives an overview of Medusa threat actor’s backend infrastructure and describes the new capability of Cabassous and its impact on fraud risk level.

Medusa: Turkish delight with dangerous filling

First discovered by ThreatFabric analysts in July 2020, Medusa has undergone several updates of its capabilities. Although some researchers refer to Medusa as Tanglebot, differentiating them as two separate malware families that share some code similarities, ThreatFabric analysts have been tracking this family from its discovery, and believe that they are indeed the same malware family, which just received several updates and improved in its obfuscation techniques.

Medusa: a deadly gunslinger as wedding partner

The main threat posed by this Trojan lies in its semi-ATS (Automated Transfer System) capability. It is powered with an Accessibility scripting engine that allows actors to perform a set of actions on the victim’s behalf, with the help of Android Accessibility Service. Moreover, Medusa sports other dangerous features like keylogging, Accessibility event logging, and audio and video streaming – all these capabilities provide actors with almost full access to victim’s device.

By abusing Accessibility Services, Medusa is able to execute commands on any app thats is running on victims device. A command like “fillfocus” allows the malware to set the text value of any specific text box to an arbitrary value chosen by the attacker, e.g. the beneficiary of a bank transfer.

Thanks to the visibility ThreatFabric obtained on the Medusa backend panels, we were able to observe panel operator marking banking apps with the “BANK” tag, to control/log the input fields. This means that any banking app in the world is at risk to this attack, even those who do not fall within the current target list.

Keylogger

Medusa authors implemented a simple accessibility-based keylogging, allowing the bot to get access to UI events, such as clicks, text inputs and focus events of all application on the infected device. This feature allows the actors to collect much more than only user input, as it can also track actions performed on the UI and visualize the content shown in the applications. This enables the attackers to gain further insights into victim’s behavior and grants them ability to steal credentials without having to resort to the use of phishing attacks.

Always Be Humble & Kind

HUMBLE KIND 🙏👑🙏JESUS 🙏⚜️🙏

Storyville ~ God Is Love

GARDEN OF EDEN JESUS 🙏⚜️🙏

Always be gracious ❣️

“Being gracious and professional is key to building strong relationships. It inspires trust, respect, and confidence in those you interact with. Strive to embody these qualities in all your interactions – it’s a simple yet powerful way to make a positive impact.”

Spain Places Ban on polluting vehicles from ‘Low Emission Zone’ in Torremolinos set to come into force: This is how it will work

AceBusinessDesk – Although the regulation should have come into force on 1 January, by Spain’s Climate Change Law for municipalities with more than 50,000 inhabitants, the town hall requested a six-month moratorium @acenewsservices Ace Press News From Cutting Room Floor: Published:Apr.29: 2024: SUR English News By J. R. C. José Rodríguez Cámara Torremolinos: TELEGRAM Ace […]

Kenya Dam Bursts: More than 40 Killed in ‘Kamuchiri Village’After Heavy Rains & Flooding Officials Have Said

AceBreakingNews – Homes were swept away and roads were cut off after the dam burst in Kamuchiri village in western Kenya. Ace Press News From Cutting Room Floor: Published:Apr.29: 2024: By Farouk Chothia: BBC World (Africa) News: TELEGRAM Ace Daily News Link https://t.me/YouMeUs2 Forty-two dead, it’s a conservative estimate. There are still more in the mud,” […]

New Documentary Explores Climate Breakdown and ‘Protectors’ Fighting to Adapt

GlobalWarming & ClimateChange News Desk – The stress our planet faces from climate breakdown is increasingly apparent from “breaking news” events such as wildfires, hurricanes and flooding. Such reports often emphasize timely evacuations or posthumous accounts of the damage. Ace Press News From Cutting Room Floor: Published:Apr.29: 2024: Eco Watch News By Craig Thompson Earth […]

Edward Kennedy ‘Duke’ Ellington With Background in Classical, Popular, Ragtime & Stride Music Became Greatest Talent in the History of Jazz

AceHistoryDesk – Edward Kennedy “Duke” Ellington, often said to be America’s greatest composer, bandleader, and recording artist, was born on April 29, 1899, in Washington, D.C. Nicknamed “Duke” as a youngster, Ellington turned down a visual arts scholarship to focus his life on music. With a background in classical, popular, ragtime, and stride music, Ellington emerged […]

Australian Detectives Have Charged Four People In Crypto Currency (Boiler-Room) Investment Fraud

AceBreakingNews – Detectives from the Financial and Cyber Crime Group Money Laundering Unit have charged four people about an alleged ‘boiler room’ investment fraud operating on the Gold Coast: Members of the public can check if their financial adviser is registered by visiting https://moneysmart.gov.au/financial-advice/financial-advisers-register. Ace Press News From Cutting Room Floor: Published:Apr.29: 2024: QPS Media on Apr 29, […]

Six Convicted & 15 Cleared over response to Deadly 2018 Wildfire in Mati, according to Athens Greece Court report

AceBreakingNews – An Athens court has convicted six people and cleared 15 others over the wildfires that killed more than 100 people at a Greek Greece Court Ace Press News From Cutting Room Floor: Published:Apr.29: 2024: AFP/AP/Reuters News Agencies: TELEGRAM Ace Daily News Link https://t.me/YouMeUs2 The inferno tore through the seaside town of Mati, east of […]

UK and partners launch a programme to improve the lives of Somalia’s most vulnerable women and young children

AceBreakingNews – The UK and UNICEF have launched a programme to improve the health and nutrition of vulnerable pregnant women and young children in Somalia. Ace Press News From Cutting Room Floor: Published:Apr.29: 2024: TELEGRAM Ace Daily News Link https://t.me/YouMeUs2 The British Embassy Mogadishu today launched the development phase of the Better Lives for Somali Women […]

Feature Title

Life is a complex journey that is full of ups and downs, just like a bunch of roses. Each rose is unique and has its own story to tell. Some roses sparkle like raindrops, reflecting the joy and happiness that life can bring. These roses are the ones that make us smile and feel grateful for the beauty around us.Other roses fade away when there's no sun, reminding us of the challenges we may face in life. These roses symbolize the tough times that we all must endure, but also teach us to appreciate the good times even more.There are also roses that just fade away in time, reminding us of the importance of cherishing every moment we have. These roses are a poignant reminder of the fleeting nature of life and how we must make the most of every opportunity.Some roses dance in many colors, bringing a sense of vibrancy and energy to our lives. These roses represent the excitement and adventure that we can experience when we step outside of our comfort zones.Others droop with hanging wings, reminding us of the fragility of life. These roses teach us to be gentle with ourselves and with others, and to show kindness and compassion wherever we can.Finally, there are roses that make you fall in love with their beauty. These roses are the ones that take your breath away and leave you in awe. They remind us that beauty is in the eye of the beholder, and that we all have our own unique perspectives on what is truly beautiful.Ultimately, life is a journey that we must all navigate, and one thing is for sure - we will not get out alive. So let's cherish every moment, and appreciate the beauty that surrounds us, just like a bunch of roses.

dininimapentrutine on Lord 👑05/05/2024
Haleluia
Peace Truth on Why Should I Feel Bad04/05/2024
Late loves are better loves. They are denser and more complete than young ones.
Mr Empath on Why Should I Feel Bad04/05/2024
Thank you for this post. It’s so true. It’s about unconditional love and I know a thing or two about…
Peace Truth on Storyville My Soul (Persona) Life03/05/2024
We are immensely grateful for your unwavering support and uplifting words of motivation. You have been a true source of…
Peace Truth on Storyville My Soul (Persona) Life03/05/2024
I appreciate you taking the time to chat with me! Your input means a lot, and I'm grateful for your…