BianLian
NJCCIC Threat Profile
Original Release Date: 2019-07-08
BianLian is a Android banking trojan first seen in October 2018 as a dropper for Android malware, such as Anubis. It evolved to bypassing security protocols within the official Google Play store. This trojan receives periodic updates to increase functionality and evade protections. BianLian requests permissions that allow it to read, send, and receive text messages; monitor and make calls; insert overlays on banking applications; lock the device screen; and, most recently, it added a screencast module. This module allows the trojan to record the screen of the device, which can be used to steal information such as usernames, passwords, and other sensitive information. As of July 2019, the trojan appears to still be under active development.
Technical Details and Reporting
- Fortinet provides a list of indicators and technical analysis, here.
Featured Content
- Disaster Relief and Tragedy-Related Scams>
- Flaw in Cosmo DB Could Allow Access to Databases>
- Threat Actors Use Messaging Service as Phishing Lure>
- Back-to-School Cybersecurity>
- Patch Now: Active Exploitation of Microsoft Exchange ProxyShell Vulnerabilities >
- T-Mobile Breach>
- Test Your Cybersecurity Knowledge - Take Our Cyber Quiz Today>
The NJCCIC is a component organization within the New Jersey Office of Homeland Security and Preparedness. We are the State's one-stop-shop for cyber threat analysis, incident reporting, and information sharing and are committed to making New Jersey more resilient to cyber threats by spreading awareness and promoting the adoption of best practices.
View our Privacy Policy here.
View our Site Index here.