Home

White Paper

Unveiling Maorrisbot: The Inner Workings of an Android Trojan Malware

Unveiling Maorrisbot: The Inner Workings of an Android Trojan Malware

CloudSEK
Pages 16 Pages

CloudSEK's analysis of the Maorrisbot Android Trojan reveals that threat actors distribute this malware through fake challan messages on WhatsApp. Once installed, it steals contacts, SMS messages, and device data, forwarding them to attackers via a Telegram bot. The malware, part of the Wromba family, employs anti-analysis techniques to evade detection. CloudSEK successfully extracted the Telegram bot token used by the attackers, highlighting the sophisticated methods used to harvest sensitive information across the Asia-Pacific region.

Join for free to read

You Might Also Like


East Irondequoit CSD claims victory over Emotet Trojan
Case Study East Irondequoit CSD claims victory over Emotet Trojan
Malwarebytes

Understanding ICS Malware: Defining a Credible Threat to Industrial Infrastructure
White Paper Understanding ICS Malware: Defining a Credible Threat to…
Dragos

10 Strategies for Android mPoS Security
White Paper 10 Strategies for Android mPoS Security
Esper

State of Malware Analysis
White Paper State of Malware Analysis
Opsat Meta Access

More from CloudSEK


Unveiling the Exploitation of Missing "X-Frame-Options" HTTP Headers in Phishing Attacks
White Paper Unveiling the Exploitation of Missing "X-Frame-Options" HTTP…
CloudSEK

Hacktivist Warfare: Assessing the Strategies and Tools of Cyber Hacktivists
White Paper Hacktivist Warfare: Assessing the Strategies and Tools of Cyber…
CloudSEK

Brazil - Latin America (LATAM) Cyber Threat Landscape 2023-24
Report Brazil - Latin America (LATAM) Cyber Threat Landscape 2023-24
CloudSEK

Beyond the Storefront: E-commerce and Retail Threat Insights
White Paper Beyond the Storefront: E-commerce and Retail Threat Insights
CloudSEK
© 2025 Contentree.  All Rights Reserved   |   Privacy and Cookies   |   Legal   |   Do not sell my info