ERMAC Android banking trojan v3.0 source code leak

Data Leak

First reported

18.08.2025 21:12

Last updated

18.08.2025 21:12

Happening score

H score 22

1 unique sources, 1 articles

Summary

Hide ▲

The ERMAC Android banking trojan v3.0 source code was leaked online, exposing the MaaS platform internals and operator infrastructure. The leak matters because it reveals backend, panel, exfiltration server, deployment configurations, builder, and obfuscator details that can help defenders detect abuse. It was discovered in March 2024 in an exposed archive named Ermac 3.0.zip.

Timeline

18.08.2025 21:12 1 articles · 9mo ago

ERMAC Android banking trojan v3.0 source code leak

Initial Disclosure
Researchers found an exposed archive named **Ermac 3.0.zip** in an open directory in **March 2024**. The archive contained the trojan's source code and operational components, confirming a public leak of the platform.
Show sources

ERMAC Android malware source code leak exposes banking trojan infrastructure — www.bleepingcomputer.com — 18.08.2025 21:12
Open in new tab