Bitget App
Trade smarter
Open
HomepageSign up
Bitget>
News>
Markets>
New Bank Trojan Infecting Thousands of Android Devices, Capable of Draining Accounts Automatically, Warns Cleafy

New Bank Trojan Infecting Thousands of Android Devices, Capable of Draining Accounts Automatically, Warns Cleafy

Daily Hodl2025/10/11 16:00
By: by Henry Kanapi
IP+19.03%

A newly discovered Android banking trojan is giving hackers the ability to hijack mobile devices and drain accounts while victims sleep.

In a new report, Italian cybersecurity firm Cleafy says the malware, named Klopatra, has already infected more than 3,000 devices across Europe in active campaigns targeting banks in Spain and Italy.

Cybersecurity researchers say the threat surfaced in late August 2025 and represents a “significant evolution in mobile malware sophistication.” Klopatra combines full device takeover with next-level code obfuscation designed to block detection and traditional analysis methods.

According to Cleafy, Klopatra infects devices by posing as a legitimate app called Mobdro Pro IP TV + VPN. The app promises access to high-quality television channels, which researchers say is a design choice, as users are willing to install pirated streaming apps from unofficial sources to bypass the Google Play Store.

Once installed and permission is granted, Klopatra abuses Android’s Accessibility Services to read screen content, capture keystrokes and simulate taps to approve fraudulent bank transfers.

“It can simulate taps and gestures, allowing it to navigate apps, click buttons (‘Allow,’ ‘Transfer’), enter text, and ultimately, perform fraudulent transactions autonomously.

The abuse of Accessibility Services is the cornerstone of modern banking malware fraud. The technical mechanism turns a malware infection into a direct financial loss, allowing Klopatra to operate with the same level of authority as the legitimate user, but completely invisibly.”

Cleafy warns that the attackers often strike at night when victims’ phones are charging and unattended, using stolen unlock patterns or PINs to quietly execute instant bank transfers.

“Klopatra represents a significant and sophisticated threat to the financial sector and mobile device users, particularly in Europe. The analysis conducted by the Cleafy team revealed malware that is not only technically advanced but is also managed by a cohesive and disciplined Turkish-speaking criminal group, controlling operations from A to Z.”

Generated Image: Midjourney

Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
PoolX: Earn new token airdrops
Lock your assets and earn 10%+ APR
Lock now!

You may also like

CME Launches SOL and XRP Options Trading
Cointime2025/10/13 16:27

Trending news

More
1
BNB Chain and Four.Meme jointly launch $45 million BNB airdrop event
2
U.S. stocks extended gains, with the Nasdaq Composite Index up 2.

Crypto prices

More
Bitcoin
Bitcoin
BTC
$114,692.27
+0.49%
Ethereum
Ethereum
ETH
$4,167.79
+1.55%
Tether USDt
Tether USDt
USDT
$1
+0.01%
BNB
BNB
BNB
$1,280.41
-1.16%
XRP
XRP
XRP
$2.59
+3.07%
Solana
Solana
SOL
$199.53
+2.97%
USDC
USDC
USDC
$0.9999
+0.00%
Dogecoin
Dogecoin
DOGE
$0.2108
+1.96%
TRON
TRON
TRX
$0.3210
-0.93%
Cardano
Cardano
ADA
$0.7152
+3.95%
How to sell PI
Bitget lists PI – Buy or sell PI quickly on Bitget!
Trade now
Become a trader now?A welcome pack worth 6200 USDT for new users!
Sign up now
Trade smarter