Marcher

Marcher is Android malware that is used for financial fraud. [1]

ID: S0317
Type: MALWARE
Platforms: Android

Version: 1.1

Techniques Used

DomainIDNameUse
MobileT1401Abuse Device Administrator Access to Prevent RemovalMarcher requests Android Device Administrator access.[1]
MobileT1476Deliver Malicious App via Other MeansMarcher is delivered via a link sent by SMS or email, including instructions advising the user to modify their Android device security settings to enable apps to be installed from "Unknown Sources."[1]
MobileT1411User Interface SpoofingMarcher attempts to overlay itself on top of legitimate banking apps in an effort to capture user credentials. Marcher also attempts to overlay itself on top of legitimate apps such as the Google Play Store in an effort to capture user credit card information.[1]

References