Plus, more news bytes of the week, including malware packaged with pirated movies and a hacker who can’t stop hacking
A new malware called EventBot is infecting Android devices in order to steal login credentials for banking apps and cryptocurrency wallets, TechCrunch reported. Researchers believe the malware is still a work-in-progress that has not been officially “released” yet, as they have observed several major upgrades since its discovery in March, including new malicious features and improved encryption for its command-and-control server (C2) communications. Icons found in the malware lead researchers to believe that when it is launched, it will masquerade as legitimate Android apps such as Microsoft Word and Adobe Flash.
Upon infection of the device, EventBot requests many permissions, including access to the device’s accessibility features. Once it receives this access, it behaves as a keylogger, has the ability to intercept SMS messages, and can bypass two-factor authentications. Because it doesn’t use any signature mechanisms or recognizable coding, researchers believe the malware is brand new, and they are mystified as to its origin. In its current iteration, EventBot seems designed to target over 200 banking and finance applications such as PayPal, Capital One, and Coinbase.
The malware has not been detected in the official Google Play Store as of yet, and Avast Security Evangelist Luis Corrons reminds users to avoid illegal and unofficial app stores. “Android is the most used operating system in the world,” he commented. “According to Google, a year ago there were already 2.5 billion active Android devices. This makes the platform really attractive for cybercriminals, and that is why it is ..
Support the originator by clicking the read the rest link below.
