Ghimob malware is targeting Mobile Banking Apps all around the world - XTN Cognitive Security

Ghimob malware is targeting Mobile Banking Apps all around the world

Recently a new trojan named Ghimob is targeting mobile banking apps all around the world.
trust your fraud expert icon

Written by Guido Ronchetti, CTO at XTN Cognitive Security®

Recently a new trojan named Ghimob has been targeting mobile banking apps all around the world. This Remote Access Trojan (RAT) malware aims to steal the victim’s banking credentials granting fraudster access to the banking account. The malware can also take control of the device to bypass Strong Customer Authentication (SCA) processes.
This trojan has been targeting Brazil; anyhow, it is also starting to threaten Europe, the United States, and India.


A Remote Access Trojan, aka RAT, is malicious software that provides the attacker unlimited access to the victims’ endpoints.


This trojan typically aims to steal sensitive information about the user or the services it accesses. Often the RATs are manually checked by the attacker to perform operations on the victim’s endpoints. Using stolen access privileges, they can access and steal sensitive business and personal data, including Intellectual Property (IP), Personal Identifiable Information (PII), and Patient Health Information (PHI).
Several Advanced Persistent Threat (APT) attacks use RAT technology to bypass strong authentication, spread the infection, and access sensitive applications to exfiltrate data. Moreover, once a RAT infects a device, the cybercriminal can control the device from a comfortable and remote back-end control panel. For these reasons, RAT attacks are extremely dangerous since they attack the chain’s weakest link. These attacks are designed to be scalable and can be customized to fit the target.


XTN has your back! We designed a behavioral malware engine capable of detecting threats by monitoring user behavior.

XTN Cognitive Security Platform® detects and alerts you when a Ghimob sample is active in a user’s device. These signals help financial institutions to block fraud at the very beginning when credentials are stolen.


XTN Cognitive Security Platform® allows you to protect your services from RAT attacks.

To schedule a live demo of the Platform, submit the following form.


Share this Article:


Have any question? We’d love to hear from you. 

By submitting I acknowledge XTN Cognitive Security's Privacy Policy.

Related Contents

Discover our resources

White paper, Business Case, Webinar and more