Klopatra Android Trojan Conducts Nighttime Bank Transfers
Summary
Hide ▲
Show ▼
A new Android Trojan named Klopatra has been identified, capable of performing unauthorized bank transfers while the device is inactive. The malware targets users in Italy and Spain, with over 3,000 devices infected. Klopatra disguises itself as the Mobdro streaming app, leveraging its popularity to bypass security measures. It employs advanced techniques to evade detection and analysis, including anti-sandboxing methods and a commercial packer. The Trojan operates during nighttime hours, draining victims' bank accounts without alerting them. Klopatra uses Accessibility Services to gain extensive control over the device, allowing attackers to simulate user interactions remotely. It captures screenshots, records screen activity, and overlays fake login screens to steal credentials. The malware checks for device inactivity and charging status before executing its operations, ensuring the victim remains unaware until the next day.
Timeline
-
30.09.2025 23:28 1 articles · 4h ago
Klopatra Trojan Conducts Nighttime Bank Transfers
A new Android Trojan named Klopatra has been identified, capable of performing unauthorized bank transfers while the device is inactive. The malware targets users in Italy and Spain, with over 3,000 devices infected. Klopatra disguises itself as the Mobdro streaming app, leveraging its popularity to bypass security measures. It employs advanced techniques to evade detection and analysis, including anti-sandboxing methods and a commercial packer. The Trojan operates during nighttime hours, draining victims' bank accounts without alerting them. Klopatra uses Accessibility Services to gain extensive control over the device, allowing attackers to simulate user interactions remotely. It captures screenshots, records screen activity, and overlays fake login screens to steal credentials. The malware checks for device inactivity and charging status before executing its operations, ensuring the victim remains unaware until the next day.
Show sources
- 'Klopatra' Trojan Makes Bank Transfers While You Sleep — www.darkreading.com — 30.09.2025 23:28
Information Snippets
-
Klopatra Trojan targets Android devices in Italy and Spain, with over 3,000 infections.
First reported: 30.09.2025 23:281 source, 1 articleShow sources
- 'Klopatra' Trojan Makes Bank Transfers While You Sleep — www.darkreading.com — 30.09.2025 23:28
-
The malware disguises itself as the Mobdro streaming app to evade detection.
First reported: 30.09.2025 23:281 source, 1 articleShow sources
- 'Klopatra' Trojan Makes Bank Transfers While You Sleep — www.darkreading.com — 30.09.2025 23:28
-
Klopatra uses Accessibility Services to gain extensive control over infected devices.
First reported: 30.09.2025 23:281 source, 1 articleShow sources
- 'Klopatra' Trojan Makes Bank Transfers While You Sleep — www.darkreading.com — 30.09.2025 23:28
-
The Trojan employs anti-sandboxing techniques and a commercial packer to evade analysis.
First reported: 30.09.2025 23:281 source, 1 articleShow sources
- 'Klopatra' Trojan Makes Bank Transfers While You Sleep — www.darkreading.com — 30.09.2025 23:28
-
Klopatra performs bank transfers during nighttime hours when the device is inactive and charging.
First reported: 30.09.2025 23:281 source, 1 articleShow sources
- 'Klopatra' Trojan Makes Bank Transfers While You Sleep — www.darkreading.com — 30.09.2025 23:28
-
The malware captures screenshots, records screen activity, and overlays fake login screens to steal credentials.
First reported: 30.09.2025 23:281 source, 1 articleShow sources
- 'Klopatra' Trojan Makes Bank Transfers While You Sleep — www.darkreading.com — 30.09.2025 23:28