A dangerous form of malware that records keystrokes and steals banking data is targeting Android users. Invisible Man, a relative of the Svpeng malware, deceives smartphone owners by disguising itself as a fake Flash Player update.
Once it’s downloaded, Invisible Man checks the device’s language settings. If the language is set to Russian, the payload will abort. If not, the malware requests permission to use the device’s accessibility services feature, which helps disabled users navigate the smartphone.
Once access is granted, Invisible Man draws on the smartphone’s screen, producing invisible overlays that record keystrokes. As users type their passwords, credit card account numbers and other personal data into apps, the information is passed on to criminal third parties.
How can users avoid Invisible Man?
- Be wary of fraudulent Flash Player downloads or updates, which often hide deceptive forms of malware. Only trust updates that come directly from Adobe.
- Remain suspicious of apps that require use of accessibility services.
- Don’t open files you don’t recognize.
- Don’t install apps from unverified third-party sources.
- Install updates as soon as they become available.
- Use anti-virus software on all Android-based devices.
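
For anyone vetting an app before installation, the traits described above (a Flash Player disguise, an accessibility service, drawing over other apps) can be checked in the app's decoded AndroidManifest.xml. The following is an added example, not code from the original article; it assumes the manifest has already been decoded to plain XML, that the overlay behaviour shows up as the SYSTEM_ALERT_WINDOW permission, and the `trusted_packages` parameter and sample manifest are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
A11Y_PERMISSION = "android.permission.BIND_ACCESSIBILITY_SERVICE"
# Assumption: overlays are drawn using the "draw over other apps" permission.
OVERLAY_PERMISSION = "android.permission.SYSTEM_ALERT_WINDOW"

# Constructed sample: decoded manifest of a made-up app posing as Flash Player.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.fakeupdate">
  <uses-permission android:name="android.permission.SYSTEM_ALERT_WINDOW"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <application android:label="Flash Player">
    <service android:name=".UpdateService"
        android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE">
      <intent-filter>
        <action android:name="android.accessibilityservice.AccessibilityService"/>
      </intent-filter>
    </service>
  </application>
</manifest>"""


def triage_manifest(manifest_xml, trusted_packages=frozenset()):
    """Return a list of findings for one decoded AndroidManifest.xml."""
    root = ET.fromstring(manifest_xml)
    if root.get("package", "") in trusted_packages:
        return []  # hypothetical allowlist maintained by the reviewer
    findings = []
    requested = {p.get(ANDROID + "name") for p in root.iter("uses-permission")}
    # Accessibility services must be protected by this permission to be bound.
    a11y = [s.get(ANDROID + "name") or "?" for s in root.iter("service")
            if s.get(ANDROID + "permission") == A11Y_PERMISSION]
    app = root.find("application")
    # The label may be a resource reference (@string/...) in real manifests;
    # this heuristic only catches literal labels.
    label = (app.get(ANDROID + "label") or "") if app is not None else ""
    if a11y:
        findings.append("declares accessibility service: " + ", ".join(a11y))
    if OVERLAY_PERMISSION in requested:
        findings.append("requests permission to draw over other apps")
    if a11y and OVERLAY_PERMISSION in requested:
        findings.append("combines accessibility access with overlays")
    if "flash" in label.lower():
        findings.append("label claims to be Flash Player: " + repr(label))
    return findings


if __name__ == "__main__":
    for finding in triage_manifest(SAMPLE_MANIFEST):
        print("-", finding)
```

A finding is a reason to look closer, not proof of malice: legitimate assistive apps also declare accessibility services.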