Hackers Exploiting WhatsApp To Steal Bank Customers’ Credentials, Warns Cybersecurity Researchers
Cybersecurity researchers are warning about a dangerous new malware strain that targets banking customers by exploiting WhatsApp and SMS.
Dubbed “GhostBat RAT,” the malicious software masquerades as legitimate government-related apps, tricking users into downloading infected Android files from GitHub or compromised websites.
According to the team at Cyble , the malware campaign has resurged in India with alarming sophistication, using shortened URLs in WhatsApp messages and text alerts to deceive victims into believing they’re installing official transportation apps.
Once installed, GhostBat RAT deploys a phishing overlay that captures sensitive information including mobile banking credentials, UPI PINs, and account details. It also intercepts SMS messages containing banking-related keywords to siphon one-time passwords and two-factor authentication codes, giving attackers full access to victims’ financial accounts.
Researchers found that the malware communicates with a remote command-and-control server to exfiltrate stolen data in real time, while also granting attackers the ability to monitor user activity, send messages, and modify system settings.
Cyble says that the campaign leverages social engineering tactics to build trust and gain permissions that bypass Android’s default security safeguards.
The firm has urged users to remain vigilant, avoid downloading applications from unofficial links, and verify the authenticity of app publishers before installation. Security experts also recommend reviewing app permissions, updating Android systems regularly, and using reliable mobile antivirus tools.
“The GhostBat RAT campaign represents a sophisticated evolution of RTO-themed Android malware. It combines multi-stage dropper techniques, anti-analysis defenses, native code exploitation, and social engineering to compromise users.
By targeting both banking credentials and UPI authentication flows, the malware demonstrates an ability to extract financial information directly while evading traditional detection mechanisms.”
Generated Image: Midjourney
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
CME Suspension: Global Market Vulnerabilities Revealed by Thermodynamic Constraints
- CME Group halted Globex trading on Nov 28, 2025 due to CyrusOne cooling system failure in Chicago, freezing 90% of global derivatives markets. - The outage caused erratic price swings in gold/silver and disrupted EBS forex platforms, exposing vulnerabilities in third-party data center reliance. - Despite post-holiday timing softening immediate impact, the incident highlighted systemic risks from thermodynamic limits in AI-era infrastructure. - CME faces pressure to build redundant systems as it expands c
Turkmenistan's Approach to Cryptocurrency: Navigating Government Oversight and Public Confidence
- Turkmenistan will implement strict crypto regulations from 2026, requiring miner registration, exchange licensing, and anti-money laundering protocols under President Berdimuhamedov. - The framework mirrors Central Asian neighbors' approaches but prohibits anonymous transactions, national symbols in branding, and hidden mining operations. - While aligning with global crypto oversight trends, the law maintains state control over digital assets, raising questions about market viability amid Turkmenistan's
Ethereum Updates Today: Institutional Optimism Meets Technical Challenges: The Pivotal Moment for Crypto
- Ethereum and XRP face critical technical junctures on Nov 28, 2025, with ETH testing $2,500–$3,200 support and XRP hovering near $2.30 amid mixed signals. - Bitcoin's bearish trend (50-day EMA at $100,937) contrasts with JPMorgan's "tradable macro asset" designation, potentially attracting institutional capital. - Solana's BONK memecoin launches a physically-backed ETP on SIX Swiss Exchange, bridging meme coins and traditional markets amid SOL's $140 support risks. - Market dynamics highlight institution
How a Query from an Office Supplies Specialist Transformed a $12 Billion Trucking Approach
- A non-trucking board member's question prompted Ryder System to shift focus from leasing to targeting 80-85% of companies owning their own trucks. - The strategic pivot aligns with growing demand in long-haul freight driven by e-commerce, trade agreements, and tech innovations like IoT fleet management. - Industry consolidation and sustainability trends, including electric trucks, are reshaping competition as firms expand specialized services like temperature-controlled logistics. - Ryder's experience hi
Trending news
MoreCrypto prices
More
