Updated version of the BianLian malware contains a Screencast Module to records the screens of the infected device and Socks5 module used for creating an SSH server on the device. The malware also drops an additional payload to the Google Play Protect is active through the Google SafetyNet API The added functionalities make this family a potentially dangerous one, Fortiguard says. BianLian seems to be still under active development and make it on a par with the other big players in the banking space”]
Source: https://gbhackers.com/bianlian-android-banking-malware/

