New Android Banking Trojan Herodotus Mimics Human Behavior

Cyber Security News by CyberSum.net

Published on October 28, 2025 at 09:00 PM

4 sources

Cybersecurity researchers have identified a new Android banking trojan called Herodotus, which mimics human behavior to evade detection. The malware, distributed via SMS phishing, uses accessibility services to steal credentials and 2FA codes. Herodotus introduces random delays in text input to appear human-like, making it harder for behavioral biometrics to detect fraud. The malware targets financial apps and cryptocurrency platforms, indicating a broad campaign. Researchers warn that Herodotus poses new challenges for banks and payment providers, necessitating layered security measures.

Also Read

TruffleNet: Cloud Credential Abuse for BEC Fraud

Fortinet’s FortiGuard Labs identified a widespread cloud abuse campaign, TruffleNet, exploiting stolen AWS credentials for large-scale Business Email Compromise (BEC) and email fraud. The campaign leverages over 800 unique hosts across 57 networks, showcasing advanced automation and operational discipline. Attackers use tools like TruffleHog and Portainer to validate credentials and orchestrate fraudulent activities, resulting in significant financial losses and data breaches.

By Cyber Security News by CyberSum.netNovember 4, 2025 at 12:00 AM