Teabot is an Android mobile banking Trojan that is targeting users in European Banking mobile apps. It can perform overlay attacks via Android Accessibility Services, intercept messages, perform various key logging activities, steal Google Authentication codes, and even take full remote control of Android devices. TeaBot attempt to trick victims into downloading the malware by disguising it as fake versions of popular apps like BookReader, PlutoTV, TeaTV, VLC Media Player, Correos, DHL and UPS the real versions of which have often been downloaded millions of times.
Teabot Android Banking Trojan Signatures
Family: HEUR:Trojan-Banker.AndroidOS.Agent.io
MD5: 4642c7a56039a82d8268282802c2fee9
SHA256: 4067054f202cc8e87557915783d4468b54985c5cc7b0b57df98ffbb106475196
Teabot Android Banking Trojan Download