On January 7 2021 a new security threat was detected for the Android system and its users. Malicious software, or malware , is able to access bank data that may be stored on the mobile device.
As we use the smartphone for more everyday tasks, from access to social networks to work, access to banking applications has also become common practice, something that has not gone unnoticed by malicious minds.
There is a new and dangerous malware for Android
First exposed by publication hispasec , this threat is capable of “stealing” bank details in the event that the user accesses the bank via the smartphone. In a confinement scenario, homebanking is extremely popular.
The malicious software was submitted (uploaded) on Koodous, as well as on Virus Total, being now exposed for the user to be aware of. It is a serious security risk for devices on which it is inadvertently installed.
So far, there is no evidence that this software belongs to the group of malware dubbed Cerberus and Anubis Bankbot, two of most known and studied types of software tampered with for illicit purposes.
How the new Android malware works
As soon as the user install the malicious application, banking malware for Android is able to take advantage of Accessibility permissions for the entire smartphone. The user will be asked for an authorization the first time the app is launched and, if granted, the malware will thus gain full access to the mobile device.
Again, this only takes place if the user grants accessibility permissions. From there, the software is able to register the touches that the user makes on the smartphone screen and associate its location to each letter or number.
Registering everything that is inserted in text fields, the software thus creates a history of the exact positions in which the user touched the screen, being able to replicate passwords and other credentials for accessing banking applications.
The best protection: install apps only from the Google Play Store
Malware is in circulation in Spain, affecting mainly banking applications in our neighboring country. However, the same source reports that there are already cases of attacks on German banking applications.
Users who want to remain safe should install applications only from official sources such as the Google Play Store . In addition, you must keep the applications up to date, as well as the operating system of the mobile device.
It is not necessary to install an antivirus on Android devices, but we must keep the terminals and apps up to date.
Androidvillaz editors recommend:
- Apple iPhone 12 with MagSafe can disable pacemakers, says study
- Oppo Find X3 Pro: official images reveal single camera module
- Apple Car: Tim Cook’s company surveyed the startup Canoo at 2020