1. Home
  2. >>
  3. malware
  4. >>
  5. Android: A new banking malware takes control of our device

Android: A new banking malware takes control of our device



Android: A new banking malware takes control of our device


Threats increase for Android mobile users who have to deal with new alerts almost every dayamong which the most recent one concerns the enrichment of Trojan Octonow able to cause even more damage. According to the Dutch company ThreatFabric, active in protecting its customers from online threats and fraud, the sprawling Octo, already discovered in February, is a trojan ad remote accesscurrently sold on the dark web by a user who calls himself with nicknames like “good luck” or “architect”.

According to experts this new banking malware is related to the Exobot onealready discovered in 2016, and obviously its evolution ExoCompact, also discovered in 2018. Compared to these versions, there are now some new functionsSuch as manipulate other appscompromising password management apps or those of crypto-currency digital wallets and home banking apps, bypassing two-factor authentication as well.

  The 10 most powerful Android phones in the world

Android, the new Octo malware has new features that are often scam

Malware works by finding its way into the acquisition of accessibility services. At this point the virus dim the screen to zero, turn off notifications by activating do not disturb mode. This will not allow the user not to understand what the hacker is doing remotely placed. Afterwards, the virus monitors the victim’s behavior both online and offlinestealing everything he types, for exfiltrate email account logins, PINs, bank passwords. In addition, the virus puts into practice the management of text messages, by doing subscribe users to paid online services both to erase their traces.

  So you can know which applications are using up your Android’s battery

To date It is not known if there are any Octo-infected apps on the Play Store again but, if in doubt, it is good to often check that Play Protect is active, download the apps only from reliable sources, after having in any case given a browse to the related reviews and the reputation of the developers. Recent Google Play apps that have infected devices with Octo include an app called “Fast Cleaner”, which had 50,000 installations until February 2022, when it was discovered and removed. The full list of known Android apps containing Octo malware is listed below:

  Galaxy S5 update Android 6 how much more for Italy?

Trojans equipped with remote access modules stand becoming more and more common, making account protection steps, such as two-factor codes obsolete, as the threat actor fully controls the device and its linked accounts. Everything the user sees on their device screen becomes accessible to these malware variants, therefore after infection, no information is safe and no protection measures are effective. That said, users need to remain vigilant, keep the number of apps installed on their smartphones to a minimum and check regularly to make sure Play Protect is enabled.

Image by Michael Geiger from Pixabay