An Android mobile banking malware called “EventBot” that steals user data from financial applications is spreading, warning the Indian Computer Emergency Response Team (CERT-In).
This mobile banking trojan has misused Android’s in-built accessibility features to steal user data, read user SMS messages, and interrupt SMS messages, allowing malware to bypass two-factor authentication Hai, the Cyber Security Agency said in its advisory this month.
EventBot currently targets more than 200 different financial applications, including banking applications, money-transfer services, and cryptocurrency purses, or financial applications, based in the US and Europe region, but some of their services may also affect Indian users.
The malware largely targets financial applications such as PayPal Business, Revolut, Barclays, UniCredit, CapitalOne UK, HSBC UK, Transfer Wise, Coinbase, Pesafcard and more, CERT-In said.
While EventBot has not yet been seen on the Google Play Store, it uses multiple icons to make excuses as a legitimate application.
Malware in disguise
EventBot is using a third-party application downloading site to infiltrate the victim device, warned CERT-In.
“Once installed on the victim’s Android device, it will be able to control system alerts, read external storage content, install additional packages, access the Internet, whitewash it to ignore battery optimization, sleep the processor Asks permissions such as stopping or malfunctioning the screen, auto-starting. The cyber messaging agency stated in its advice, “Receive SMS messages and Read Su and keep the data running and running in the background. ”
In addition, malware prompts users to give access to their device accessibility services.
Excess of risk factor
“In addition, it can receive notifications about other installed applications and read the contents of other applications. Over time, it can also read lock screens and in-app pins that allow the attacker to hit the victim device May give more privileged access, ”the consultant said.
To help users prevent malware infections in Android phones, the cyber-security agency recommended some counter-measures.
“Do not download and install applications from untrusted sources (offered via links on unknown websites / dishonest messages),” it said.
It also asked users to install updated anti-virus solutions on Android devices.
(With inputs from IANS)