9,039.25-67.0
Stock Analysis, IPO, Mutual Funds, Bonds & More

Mobile banking malware that hides in MS Word, Adobe flash apps may affect Android smartphones

It has been observed that a new Android mobile malware named EventBot is spreading.

PTI|
Last Updated: May 15, 2020, 08.34 AM IST
0Comments
ThinkStock Photos
mobile-apps_ThinkstockPhotos
The virus further prompts the users to give access to their device accessibility services.
NEW DELHI: A mobile banking malware called "EventBot", which steals personal financial information, may affect Android phone users in India, the federal cyber-security agency has said in a latest advisory.

The CERT-In has issued a caution, saying the Trojan virus may "masquerade as a legitimate application such as Microsoft Word, Adobe flash and others using third-party application downloading sites to infiltrate into victim device".

A Trojan is a virus or malware that cheats a victim to stealthily attack its computer or phone-operating system.

"It has been observed that a new Android mobile malware named EventBot is spreading.

"It is a mobile-banking Trojan and info-stealer that abuses Android's in-built accessibility features to steal user data from financial applications, read user SMS messages and intercept SMS messages, allowing malware to bypass two-factor authentication," the CERT-In advisory said.

The Computer Emergency Response Team of India (CERT-In) is the national technology arm to combat cyber attacks and guard the Indian cyber space.

Getty Images
smartphone-alerts_GettyImages
The virus largely targets financial applications like Paypal Business, Revolut, Barclays, UniCredit, CapitalOne UK, HSBC UK, TransferWise, Coinbase, paysafecard etc.

"EventBot", it said, targets over 200 different financial applications, including banking applications, money-transfer services and cryptocurrency wallets, or financial applications based in the US and Europe region at the moment but some of their services may affect Indian users as well.

The virus "largely targets financial applications like Paypal Business, Revolut, Barclays, UniCredit, CapitalOne UK, HSBC UK, TransferWise, Coinbase, paysafecard etc.," the CERT-In said.

The agency said while "EventBot" has not been "seen" on Google Playstore till now, it can "masquerade" as a genuine mobile phone application.

"Once installed on victim's Android device, it asks permissions such as controlling system alerts, reading external storage content, installing additional packages, accessing internet, whitelisting it to ignore battery optimisation, prevent processor from sleeping or dimming the screen, auto-initiate upon reboot, receive and read SMS messages and continue running and accessing data in the background," the advisory explained.

The virus further prompts the users to give access to their device accessibility services.

"Also, it can retrieve notifications about other installed applications and read contents of other applications.

Password Manager, Authentic Apps & Webcam Cover: 9 Steps To Ensure Data Security Every Day

of 10
Next
Prev
Play Slideshow

Secure Your Digital Life

8 Feb, 2020
2019 was the year of serious data breaches. Each made headlines that jolted users into reality and the importance of protecting personal data. A recent survey indicates that 52 per cent of users polled believe they need to strengthen their data policies, 45 per cent expect advertising and marketing regulation to become 'more strict', while 88 per cent agree, or strongly agree, that digital privacy will become increasingly important this year.While, January 28 is observed as the Data Privacy Day in India, the US, Canada and 47 European countries each day, Sunil Sharma, managing director sales, India & SAARC, Sophos advises you to treat every day as Data Privacy Day and apply these simple tips to secure your data.
Next

Also Read

Malware detections surge by 48% in 2019

Hackers using coronavirus malware to steal data: Cyber cops

No takers for your malware: India slams Pak at UN

This malware that can hack into FB & Twitter, post fake reviews on shopping websites

Comments
Add Your Comments
Commenting feature is disabled in your country/region.

Popular Categories


Other useful Links


Copyright © 2020 Bennett, Coleman & Co. Ltd. All rights reserved. For reprint rights: Times Syndication Service