Herodotus Android Malware Fools Biometrics with Typing Trick

A new Android banking trojan identified as Herodotus is raising red flags among mobile security researchers for its advanced evasion tactics. Discovered during routine malware monitoring, Herodotus Android Malware Foolsnaturally by mimicking human behavior to sidestep biometric detection systems. Although it shares infrastructure with known malware like Hook and Octo, Herodotus blends elements from the Brokewell family with original code that enables stealthy device takeovers.

Active in Italy and Brazil, Herodotus is sold as Malware-as-a-Service by a threat actor known as K1R0. The malware uses deceptive SMiShing links and a custom dropper to bypass Android’s accessibility restrictions. Once installed, it overlays fake login screens on banking apps and intercepts two-factor codes. Herodotus Android Malware Foolsnaturally again by entering text one character at a time, with randomized delays, to replicate human typing. This technique helps bypass basic behavioral biometrics but may still trigger advanced detection systems.

Read the full story at https://cybersecuritynews.com/new-android-malware-herodotus-mimic-human-behaviour/