Threat spotlight: Hydra
ID: a6e06ecc-c78e-59e2-bbd0-0d111783645a
STIX ID: report--a6e06ecc-c78e-59e2-bbd0-0d111783645a
Feed Name: Fox-IT blog
**Executive summary:** Hydra (BianLian) is an active Android mobile banking malware family that steals credentials and session data via overlays/injections, Accessibility-based keylogging and a recently added cookie-stealing WebView feature. The report details its variants (Tor, GitHub and hardcoded C2 configuration) and C2 hosting patterns (notably the Netherlands, US and Ukraine), and provides Suricata network detection rules and analysis to support detection and mitigation.
