CERT-In issues a warning to the Android users about new mobile banking virus. Android users who use mobile banking are vulnerable to this malware. Computer Emergency Response Team of India (CERT-In) is a national cybersecurity agency to combat cyber attacks.
This new malware is called as “EventBot”. This malware may masquerade as a genuine and authentic application such as Adobe flash, Microsoft Word and other third party applications.
It is a mobile banking Trojan and info-stealer. This EventBot malware abuses Android accessibility features to steal data from the financial applications, intercept SMS and reads SMS, bypass two factor authentication. Event Bot is capable of reading on screen notifications.
CERT-In said, over the time this malware may read in-app PIN, passwords. The cybersecurity agency claims that the new malware targets over 200 financial applications like Paypal Business, Coinbase, TransferWise, Barclays, Revolut, HSBC UK, UniCredit, paysafecard etc.,
As of now, this malware didn’t found in Google Play Store, but it may be installed through other app markets. Once this malware is installed on the victims device, it ask for permissions like whitelisting it to ignoring battery optimisation, read SMS, controlling system alerts, prevent processor from sleep, installing additional packages and continue running and accessing data in the background.
To avoid becoming victim of Event-Bot, the agency has also released a few counter measures.
- Do not download and install apps from untrusted sources.
- Prior to download or installing, always review the app details, permissions, downloads count, user reviews and comments.
- Install strong AI powered antivirus.
- Avoid using unknown and unsecured Wi-Fi networks.
With PTI Inputs
For more related content follow us on Twitter, Telegram, Facebook.
