A group has been targeting Indonesian and Vietnamese Android users with banking trojans disguised as legitimate payment and government identity applications. The operators exhibit distinct domain registration patterns, often reusing TLS certificates and grouping domains to resolve to the same IP addresses, with a strong operational focus during Eastern Asia's daytime hours. The post Banker Trojan Targeting Indonesian and Vietnamese Android Users appeared first on DomainTools Investigations | ...
