Cyber Attackers distribute a new Remote Access Trojan called Gigabud, which impersonates government agencies, financial institutions, and other organizations from Thailand, Peru, and the Philippines.

Gigabud uses a server-side verification process to ensure that the mobile number entered during registration is legitimate. The malware sends a fake loan agreement to the victim from the login screen and asks them to verify the information.

In connection with this attack, researchers revealed that when users install a malicious application on their device, they display a legitimate-looking login screen that asks them to enter their mobile phone number and password.

Precautions to be taken to avoid such attacks:

• Make sure your devices are up to date,

• Follow the general and patch updates of the devices,

• Do not download applications from unsafe sites,

• Inform your users with awareness trainings,

• Strengthen your systems with mobile security products.