{"id":250704,"date":"2025-08-10T22:10:00","date_gmt":"2025-08-10T19:10:00","guid":{"rendered":"https:\/\/life.karpat.in.ua\/?p=250704"},"modified":"2025-08-10T04:14:53","modified_gmt":"2025-08-10T01:14:53","slug":"gyorsan-terjed-egy-uj-virus-az-androidos-telefonokon-azonnal-kiuritheti-a-bankszamlakat","status":"publish","type":"post","link":"https:\/\/life.karpat.in.ua\/?p=250704&lang=hu","title":{"rendered":"Gyorsan terjed egy \u00faj v\u00edrus az Androidos telefonokon, azonnal ki\u00fcr\u00edtheti a banksz\u00e1ml\u00e1kat"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\"><strong>A PlayPraetor nev\u0171 \u00faj Android-tr\u00f3jai m\u00e1r t\u00f6bb mint 11 ezer k\u00e9sz\u00fcl\u00e9ket fert\u0151z\u00f6tt meg vil\u00e1gszerte, f\u0151k\u00e9nt Eur\u00f3p\u00e1ban \u00e9s Latin-Amerik\u00e1ban, c\u00e9lzott kamp\u00e1nyokkal banki \u00e9s kriptot\u00e1rca-adatokat lopva. A k\u00ednai vez\u00e9rl\u00e9s\u0171 k\u00e1rtev\u0151 \u00e9s t\u00e1rsai, mint a ToxicPanda \u00e9s a DoubleTrouble, egyre kifinomultabb m\u00f3dszerekkel szerzik meg az ir\u00e1ny\u00edt\u00e1st az \u00e1ldozatok eszk\u00f6zei felett \u2013 k\u00f6z\u00f6lte a The Hacker News.<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">A PlayPraetor nev\u0171 \u00faj Android-t\u00e1voli hozz\u00e1f\u00e9r\u00e9si tr\u00f3jait (RAT) t\u00f6bb mint 11 000 eszk\u00f6z\u00f6n azonos\u00edtott\u00e1k, f\u0151k\u00e9nt Portug\u00e1li\u00e1ban, Spanyolorsz\u00e1gban, Franciaorsz\u00e1gban, Marokk\u00f3ban, Peruban \u00e9s Hongkongban.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"575\" src=\"https:\/\/life.karpat.in.ua\/wp-content\/uploads\/2025\/08\/kartevo-malware-telefonos-virus-602672-1024x575.jpg\" alt=\"\" class=\"wp-image-250705\" srcset=\"https:\/\/life.karpat.in.ua\/wp-content\/uploads\/2025\/08\/kartevo-malware-telefonos-virus-602672-1024x575.jpg 1024w, https:\/\/life.karpat.in.ua\/wp-content\/uploads\/2025\/08\/kartevo-malware-telefonos-virus-602672-300x169.jpg 300w, https:\/\/life.karpat.in.ua\/wp-content\/uploads\/2025\/08\/kartevo-malware-telefonos-virus-602672-768x432.jpg 768w, https:\/\/life.karpat.in.ua\/wp-content\/uploads\/2025\/08\/kartevo-malware-telefonos-virus-602672-1536x863.jpg 1536w, https:\/\/life.karpat.in.ua\/wp-content\/uploads\/2025\/08\/kartevo-malware-telefonos-virus-602672.jpg 1920w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n<\/div>\n\n\n<p class=\"wp-block-paragraph\">Hetente t\u00f6bb mint 2000 \u00faj fert\u0151z\u00e9st regisztr\u00e1lnak, a t\u00e1mad\u00e1sok jelenleg spanyol \u00e9s francia nyelvter\u00fcletre \u00f6sszpontos\u00edtanak.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">A k\u00e1rtev\u0151 k\u00ednai vez\u00e9rl\u0151szerverr\u0151l m\u0171k\u00f6dik, \u00e9s hamis banki bejelentkez\u0151 fel\u00fcleteket jelen\u00edt meg k\u00f6zel 200 alkalmaz\u00e1sn\u00e1l.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">A PlayPraetor a Google Play Store-t ut\u00e1nz\u00f3 hamis let\u00f6lt\u0151oldalakon terjed, amelyeket Meta-hirdet\u00e9sekkel \u00e9s SMS-ekkel n\u00e9pszer\u0171s\u00edtenek.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u00d6t f\u0151 vari\u00e1nsa van, k\u00f6zt\u00fck a Phantom, amely val\u00f3s idej\u0171 hozz\u00e1f\u00e9r\u00e9st biztos\u00edt a fert\u0151z\u00f6tt eszk\u00f6zh\u00f6z, \u00e9s on-device fraud (ODF) t\u00e1mad\u00e1sokat hajt v\u00e9gre. A botnet mintegy 60%-\u00e1t k\u00e9t oper\u00e1tor ir\u00e1ny\u00edtja, f\u0151k\u00e9nt portug\u00e1l nyelv\u0171 c\u00e9lpontok ellen.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">A fert\u0151z\u00e9s ut\u00e1n a k\u00e1rtev\u0151 HTTPS \u00e9s WebSocket kapcsolaton kereszt\u00fcl kommunik\u00e1l a C2 szerverrel, \u00e9s ak\u00e1r \u00e9l\u0151 vide\u00f3streamet is ind\u00edthat a k\u00e9sz\u00fcl\u00e9k k\u00e9perny\u0151j\u00e9r\u0151l. Folyamatos fejleszt\u00e9s alatt \u00e1ll, \u00faj parancsokkal b\u0151v\u00edtve az adatlop\u00e1si \u00e9s t\u00e1voli vez\u00e9rl\u00e9si k\u00e9pess\u00e9geket. Az elm\u00falt hetekben egyre t\u00f6bb spanyol \u00e9s arab nyelv\u0171 felhaszn\u00e1l\u00f3t c\u00e9loznak.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">A kutat\u00f3k szerint a PlayPraetor a k\u00ednai nyelv\u0171 kiberb\u0171n\u00f6z\u0151i k\u00f6r\u00f6k \u00fajabb p\u00e9nz\u00fcgyi csal\u00e1sra tervezett eszk\u00f6ze, hasonl\u00f3an a ToxicPanda \u00e9s SuperCard X k\u00e1rtev\u0151kh\u00f6z. A ToxicPanda jelenleg mintegy 3000 eszk\u00f6zt fert\u0151z\u00f6tt meg, \u00e9s \u00faj technik\u00e1kat, p\u00e9ld\u00e1ul DGA-t \u00e9s tartal\u00e9kk\u00e9nt be\u00e1ll\u00edthat\u00f3 C2-domaineket haszn\u00e1l a m\u0171k\u00f6d\u00e9s fenntart\u00e1s\u00e1ra.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">K\u00f6zben a Zimperium bejelentette a DoubleTrouble nev\u0171 m\u00e1sik fejlett Android banki tr\u00f3jait, amely az overlay-t\u00e1mad\u00e1sokon t\u00fal k\u00e9perny\u0151felv\u00e9teleket k\u00e9sz\u00edt, letilt bizonyos alkalmaz\u00e1sokat \u00e9s napl\u00f3zza a billenty\u0171le\u00fct\u00e9seket.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Ez a k\u00e1rtev\u0151 is az Android akad\u00e1lymentes\u00edt\u00e9si szolg\u00e1ltat\u00e1sait haszn\u00e1lja vissza a teljes eszk\u00f6z feletti ir\u00e1ny\u00edt\u00e1s megszerz\u00e9s\u00e9re.<\/p>\n\n\n\n<p class=\"has-text-align-right wp-block-paragraph\"><strong><a href=\"https:\/\/www.portfolio.hu\/bank\/20250809\/androidosok-figyelem-villamgyorsan-terjed-az-uj-virus-azonnal-kiuritheti-a-bankszamlakat-779157\" target=\"_blank\" rel=\"noreferrer noopener\">(portfolio.hu)<\/a><\/strong><\/p>\n\n\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n","protected":false},"excerpt":{"rendered":"<p>A PlayPraetor nev\u0171 \u00faj Android-tr\u00f3jai m\u00e1r t\u00f6bb mint 11 ezer k\u00e9sz\u00fcl\u00e9ket fert\u0151z\u00f6tt meg vil\u00e1gszerte, f\u0151k\u00e9nt Eur\u00f3p\u00e1ban \u00e9s Latin-Amerik\u00e1ban, c\u00e9lzott kamp\u00e1nyokkal banki \u00e9s kriptot\u00e1rca-adatokat lopva. <\/p>\n","protected":false},"author":12,"featured_media":250705,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[41,590,2098684,11,592,39],"tags":[24958,2334327,2334329,2334328,1128],"class_list":["post-250704","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cikkek","category-it-hu","category-it-2","category-kiemelt-tema","category-tarsadalom","category-vilag","tag-andorid","tag-banki-adatok","tag-doubletrouble","tag-playpraetor","tag-virus-2"],"_links":{"self":[{"href":"https:\/\/life.karpat.in.ua\/index.php?rest_route=\/wp\/v2\/posts\/250704","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/life.karpat.in.ua\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/life.karpat.in.ua\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/life.karpat.in.ua\/index.php?rest_route=\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/life.karpat.in.ua\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=250704"}],"version-history":[{"count":1,"href":"https:\/\/life.karpat.in.ua\/index.php?rest_route=\/wp\/v2\/posts\/250704\/revisions"}],"predecessor-version":[{"id":250706,"href":"https:\/\/life.karpat.in.ua\/index.php?rest_route=\/wp\/v2\/posts\/250704\/revisions\/250706"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/life.karpat.in.ua\/index.php?rest_route=\/wp\/v2\/media\/250705"}],"wp:attachment":[{"href":"https:\/\/life.karpat.in.ua\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=250704"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/life.karpat.in.ua\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=250704"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/life.karpat.in.ua\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=250704"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}