Edward Kiledjian's Threat Intel

ERMAC 3.0 source code leak reveals expanding threat

Hunt.io researchers obtained the source code for ERMAC 3.0, an Android banking trojan targeting over 700 apps. The code reveals exploitable weaknesses and confirms ERMAC’s evolution from Cerberus and Hook, with its capabilities expanded to include form injection and data theft. The leak also exposed flaws such as hardcoded secrets and weak credentials, which aids defenders in disrupting ERMAC’s infrastructure.