Hackers Exploiting WhatsApp To Steal Bank Customers’ Credentials, Warns Cybersecurity Researchers
Cybersecurity researchers are warning about a dangerous new malware strain that targets banking customers by exploiting WhatsApp and SMS.
Dubbed “GhostBat RAT,” the malicious software masquerades as legitimate government-related apps, tricking users into downloading infected Android files from GitHub or compromised websites.
According to the team at Cyble , the malware campaign has resurged in India with alarming sophistication, using shortened URLs in WhatsApp messages and text alerts to deceive victims into believing they’re installing official transportation apps.
Once installed, GhostBat RAT deploys a phishing overlay that captures sensitive information including mobile banking credentials, UPI PINs, and account details. It also intercepts SMS messages containing banking-related keywords to siphon one-time passwords and two-factor authentication codes, giving attackers full access to victims’ financial accounts.
Researchers found that the malware communicates with a remote command-and-control server to exfiltrate stolen data in real time, while also granting attackers the ability to monitor user activity, send messages, and modify system settings.
Cyble says that the campaign leverages social engineering tactics to build trust and gain permissions that bypass Android’s default security safeguards.
The firm has urged users to remain vigilant, avoid downloading applications from unofficial links, and verify the authenticity of app publishers before installation. Security experts also recommend reviewing app permissions, updating Android systems regularly, and using reliable mobile antivirus tools.
“The GhostBat RAT campaign represents a sophisticated evolution of RTO-themed Android malware. It combines multi-stage dropper techniques, anti-analysis defenses, native code exploitation, and social engineering to compromise users.
By targeting both banking credentials and UPI authentication flows, the malware demonstrates an ability to extract financial information directly while evading traditional detection mechanisms.”
Generated Image: Midjourney
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
The PENGU Price Decline: Market Turbulence or a Chance to Invest?
- PENGU's 28.5% price drop from $0.045 to $0.023 reflects macroeconomic turbulence, 2025 Fed tightening, and a $19B small-cap token liquidity crunch. - The Pudgy Penguins ecosystem expands into gaming, retail partnerships, and physical products, but faces unproven utility and regulatory uncertainty. - Technical indicators show bullish OBV/MACD and whale accumulation, yet bearish signals include $66.6M team wallet outflows and USDT dependency risks. - DCF analysis estimates intrinsic value at $0.02782-$0.06
Unpacking the Growing Curiosity Around PENGU Price Forecasts
- PENGU price prediction interest surges amid speculative fervor and evolving retail investor psychology in crypto markets. - Token's 78.89% YTD decline highlights structural risks, technical headwinds, and regulatory uncertainties despite short-term rebounds. - FOMO-driven trading and emotional cycles amplify volatility, with PENGU's 480% July 2025 surge followed by 28.5% drop illustrating market dynamics. - High-volatility assets like PENGU challenge diversification strategies, showing 55% annualized vol
Bitcoin News Update: The Cryptocurrency Market’s Tentative Rebound Depends on Institutional Trust and Federal Reserve Guidance
- Crypto market shifts from extreme fear to cautious optimism as Bitcoin stabilizes between $85,000–$89,000 amid Fed policy speculation. - ETF inflows ($129M in Bitcoin, $78.58M in Ethereum) and institutional buys ($93M by ARK Invest) signal tentative recovery despite 30% decline from October peaks. - Weak altcoin performance (Altcoin Season Index at 25) contrasts with Bitcoin dominance, while technical analysis warns of $90,000 resistance and $80,000–$86,500 support tests. - Market stability hinges on Fed
AAVE gains 4.1% over the past week as Avail Nexus debuts and cross-chain advancements emerge
- AAVE rose 4.1% in 7 days amid Avail Nexus Mainnet launch, enhancing cross-chain liquidity for DeFi. - Avail's Nexus connects Ethereum , Solana , and EVM chains, enabling unified asset flows across fragmented blockchains. - Aave benefits from modular infrastructure trends, supporting multi-chain operations without compromising security or efficiency. - Despite 1-year 39.84% decline, analysts highlight Aave's strategic position in evolving cross-chain DeFi ecosystems.
Trending news
MoreCrypto prices
More
