An Android malware that was observed abusing accessibility services in the device to hijack user credentials from European banking applications has morphed into an entirely new botnet as part of a renewed campaign that began in May 2021. The malware was distributed through malicious SMS messages, with the attacks often conducted in real-time by posing as bank operators to dupe targets over the phone and surreptitiously gain access to the infected device via WebRTC protocol and ultimately conduct unauthorized bank transfers. The geographical distribution of banks and other apps targeted by Oscorp consists of Spain, Poland, Germany, Turkey, Italy, Japan, Australia, France, and India.
Source: https://thehackernews.com/2021/07/ubel-is-new-oscorp-android-credential.html