Cyble Research and Intelligence Labs (CRIL) has recently discovered a new banking Trojan called Antidot that specifically targets Android devices.

Description

Antidot masquerades as a Google Play update application and displays its fake update page in multiple languages to trick users. Once installed, Antidot gains Accessibility permissions and establishes communication with its command and control server [2] [3]. Its advanced features include keylogging, overlay attacks [1] [2] [3], screen recording [2] [3], and remote device control [2] [3], making it a serious threat to Android users. To protect against such threats, Cyble researchers advise users to only download software from official app stores, use antivirus software [2], and be cautious when granting permissions or clicking on links on mobile devices.
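The two traits described above (an app that holds Accessibility permissions and did not come from the official store) can be checked on a device under review. The following is an added example, not code from Cyble or the cited articles: it parses saved output of `adb shell settings get secure enabled_accessibility_services` and `adb shell pm list packages -i`, and the package names and sample data are constructed for illustration.

```python
"""Flag enabled accessibility services whose owning app was not installed by Google Play."""

PLAY_INSTALLER = "com.android.vending"

# Constructed sample data; on a real device, save the output of the two adb commands.
SAMPLE_SETTING = (
    "com.google.android.marvin.talkback/com.google.android.marvin.talkback.TalkBackService"
    ":com.example.fakeupdate/com.example.fakeupdate.UpdateService"
)
SAMPLE_LISTING = """\
package:com.google.android.marvin.talkback  installer=com.android.vending
package:com.example.fakeupdate  installer=null
package:com.example.notes  installer=com.android.vending
"""

def parse_accessibility(setting):
    """Split the colon-separated 'package/ServiceClass' list into (package, class) pairs."""
    pairs = []
    for component in setting.strip().split(":"):
        if "/" in component:  # skips the literal 'null' returned when nothing is enabled
            pkg, cls = component.split("/", 1)
            pairs.append((pkg, cls))
    return pairs

def parse_installers(listing):
    """Map package name to installer source (None when Android reports 'null')."""
    installers = {}
    for line in listing.splitlines():
        fields = line.strip().split()
        if not fields or not fields[0].startswith("package:"):
            continue
        source = None
        for field in fields[1:]:
            if field.startswith("installer=") and field != "installer=null":
                source = field.split("=", 1)[1]
        installers[fields[0][len("package:"):]] = source
    return installers

def flag_sideloaded_services(setting, listing, system_pkgs=frozenset()):
    """Return (package, service, installer) for services not installed via Google Play.

    system_pkgs: preinstalled packages to skip (they also report a null installer).
    """
    installers = parse_installers(listing)
    return [(pkg, cls, installers.get(pkg) or "unknown")
            for pkg, cls in parse_accessibility(setting)
            if pkg not in system_pkgs and installers.get(pkg) != PLAY_INSTALLER]

if __name__ == "__main__":
    for finding in flag_sideloaded_services(SAMPLE_SETTING, SAMPLE_LISTING):
        print("review:", finding)
```

A hit is a lead for manual review rather than a verdict, since legitimate sideloaded or vendor-store apps can also hold Accessibility permissions.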

Conclusion

Antidot, the newly uncovered banking Trojan [1] [2] [3], presents a significant risk to Android users due to its sophisticated capabilities. To mitigate this threat, users are urged to follow best practices such as downloading software from trusted sources, using antivirus protection, and exercising caution when interacting with mobile devices. Users should also remain vigilant and proactive in safeguarding their devices against evolving cyber threats.

References

[1] https://cyberinsider.com/new-antidot-android-malware-masquerading-as-fake-google-play-updates/
[2] https://www.infosecurity-magazine.com/news/android-banking-trojan-google-play/
[3] https://ciso2ciso.com/new-android-banking-trojan-mimics-google-play-update-app-source-www-infosecurity-magazine-com/