Tuesday, 31 March, 2026
ERMAC 3.0 Android Banking Trojan Source Code Leaked
By Isha
Security firm Hunt.io uncovered the full source code of ERMAC 3.0, a sophisticated Android banking trojan, following a default-password vulnerability in its infrastructure. The leak includes the backend, frontend control panel, Golang exfiltration server, and Android builder. Capable of targeting over 700 banking, shopping, and crypto apps, the malware features form injection, AES-CBC encrypted communication, and multiple exploitable flaws—such as hardcoded admin tokens.
Read full story at The Hacker News