The authors conducted large scale campaigns for its dissemination. Asacub works as follows: the Trojan is distributed through phishing SMS messages, which invite victims to look at a photo or MMS message. When, in their device settings, the victim has pre-set their device to allow installations from unknown sources, Asacub is able to install itself on the victim’s device as the default SMS application. When a new SMS message arrives, it can transmit the sender’s number and message text to the intruders’ command server. Asacub can withdraw funds from a bank card attached to the phone by sending SMS messages for transferring funds to another card or phone number, as well as intercepting SMS messages from a bank with one-time passwords.
Kaspersky Lab recommends download applications only from official resources, do not click on suspicious links from unknown senders and install a reliable security solution to protect your mobile device. Tatyana Shishkova, malware analyst at Kaspersky Lab, says the Asacub Trojan highlights how mobile malware can function for several years with minimal changes to its distribution pattern. Kaspersky also warned that Asacub grants hackers the ability to install even more malicious code, possibly including ransomware.