ESET cybersecurity experts: It’s a banking trojan that has already targeted users from Poland, impersonating Bolt Food. Goal: to steal banking-cryptocurrency credentials.
NCSC-FI cybersecurity experts: The malware aims to steal data from devices, and it is spread via SMS and MMS. Also iPhone users has been targeted, but to bait them in frauds.
Check Point cybersecurity experts: The malware steals credentials and banking information. It was spread via Google Play Store. Many victims from Italy and UK.
Lab52 cybersecurity researchers: The App steals information from mobile devices and sends it to a server in Russia. It looks like Turla's work, but there is no confirmation.
Kaspersky cybersecurity experts: The link in the sms directs or to a phishing page imitating the Apple website or it downloads Wroba malware on Android devices.
Dr.Web cybersecurity experts: It’s the Android.Cynos.7.origin' trojan, a modified version of Cynos, spread on Huawei's AppGallery. It collects sensitive user data.