EventBot- A New Smartphone Malware that Targets Banking Apps

In this post, I will write about the new Smartphone Malware that Targets Banking Apps know as eventBot.

Securing our devices has always been a point of concern. People secure their smartphones, computers for different reasons. Either from friends, spouse or invaders, But people mostly don’t pay attention to the necessary information and terms of use when installing new applications or software. From these applications, invaders/hackers try to steal our information so as to take advantage of it. One of such malware has now been found which affects Android smartphones and targets banking applications specifically by bypassing even the extra layers of protection.

Also read: 10 Signs of a Malware Infection on your Computer

The name of this Android smartphone malware is EventBot and it has been found by the security researchers’ team at Cybereason firm. The team discovered that the trojan disguises itself as a legitimate Android app and abuses Android’s accessibility features to ill-treat your data. They found out that EvenBot is using several icons to masquerade as a genuine application. It is not currently available on Play Store but it impersonates many icons like Microsoft Word and Adobe Flash to exploit data.

They further analyzed that, EventBot malware particularly targets sensitive information like banking passwords, data from financial applications. The malware can also bypass the two-factor authentication (2FA), a security process that adds an extra layer of protection to ensure the security of your online accounts. The EventBot can read SMS messages and steal them to unlock the 2FA and thus get deeper access to your accounts.

Also Read9 Most Deadliest Computer Viruses that Stood the Test of Time

Once you installed the EventBot, it prompts the user to give it access to accessibility services and once the permission is granted, it can act as a keylogger and can retrieve notifications about other installed applications.

As per Cybereason’s key findings, the EventBot targets users of over 200 different financial applications, including money transfer services, crypto-currency wallets. Some of these targeted applications are Paypal Business, HSBC UK, Coinbase, TransferWise, and many more. Also, these intruders target these applications across the US, Europe, including Italy, the UK, Spain, Switzerland, France, and Germany.

The team says that EventBot is a “brand new” malware and that’s why a matter of their interest. According to what the researchers have found, the malware is currently in the early stages and has real potential to become the next big mobile malware as well. The team found that the malware is constantly improving and it has encountered different versions of the malware over time as it has rapidly evolved and each version is expanding its capability even further. In more up-to-date versions of Android, the EventBot malware even asks for permission to run in the background before deleting itself from the launcher.

The makers behind the malware are unknown and it may take some time to locate them and eradicate them completely. Meanwhile, researchers suggest users not download any untrusted apps from third-party sites or stores.

SECURITY RECOMMENDATIONS

Also ReadThe Complete difference between PayPal FnF and PayPal GnS

 

 

We love to hear from you, comment below, and share.

Exit mobile version