In 2017 we published a report on new mobile threats and described the global trends regarding financial malware. One of those we highlighted was the increase of RAT samples in the Android ecosystem. Almost two years have passed, and here we are: RAT malware is widespread in the wild!
Over the last couple of months, we have observed several cases appearing in our southern European client’s network and mainly financial institutions. Fortunately, we have been able to identify and remove them before any damage could be done. Our technology included in our clients’ mobile apps analyses the behavior of other apps installed on the device. This information is then analyzed by our AI-driven server component to recognize and categorize malware threats. We were able to detect several samples known as Spynote exemplars.


Spynote is a malware family that has been around for a while (first appeared back in 2016). This malware has improved its effectiveness over the years, offering critical capabilities that can impact users’ privacy, intercept credentials or reset accounts relying on the SMS and phone capabilities (to cite few possibilities).


It is vital for our clients to quickly notify the customer about this threat and promptly block any following fraudulent activity. Thanks to our technology, they can perform these activities in real-time, as soon as the danger is detected.
Removing threats and letting your customers feel safe using sensitive services is part of the value we provide at XTN.

For further information contacts us at sales@xtn-lab.com