New Android Malware ‘Ajina.Banker’ Steals Financial Data and Bypasses 2FA via Telegram

A new strain of Android malware, Ajina.Banker, has been targeting bank customers in the Central Asia region since November 2024. The malware, discovered by Singapore-based Group-IB, harvests financial information and intercepts two-factor authentication messages. It is spread via a network of Telegram channels under the guise of legitimate services. Countries targeted include Armenia, Azerbaijan, Iceland, Kazakhstan, Kyrgyzstan, Pakistan, Russia, Tajikistan, Ukraine, and Uzbekistan. The distribution method often involves sharing malicious files in local chats as giveaways and promotions.