Known as “Octo Android”, this malware is capable of taking control of your mobile to steal sensitive data, including bank details.
New week, new threat discovered on Android. BleepingComputer has reported on a new malware case which, in recent months, is said to have endangered Android users by being able to take full control of devices to carry out fraudulent attacks.
To achieve this, the Trojan horse tricked the user into believing that the device’s screen was off, and in the meantime was able to steal sensitive information, including access keys to banking applications, content of password managers or keys to cryptocurrency applications.
“Octo Android”, a dangerous malware capable of stealing your bank details
According to cybersecurity researchers from ThreatFabric, the malware-infected apps surpassed 50,000 installs and had been distributed through the Play Store. Therefore, the Trojan could have evaded Google Play Protect’s threat detection systems.
The Trojan, based on malware already known to researchers, is capable of performing on-device fraud (ODF) attacks, one of the most dangerous and stealthy types of threats.
“ODF is the most dangerous, risky and discreet type of fraud, where transactions are initiated from the same device that the victim uses every day. In this case, anti-fraud engines are challenged to identify fraudulent activity with a significantly lower number of suspicious indicators compared to other types of fraud carried out through different channels.”
After downloading one of the infected applications and running it for the first time, the Trojan takes advantage of accessibility permissions to take control of the victim’s device. In this way it is able to send live screen content to the attacker’s control center. In addition, the malware disables notifications and dims the screen completely, so the user thinks the screen is off and the device is sleeping.
However, it is at this point that the malware starts working, performing all sorts of actions, from copying and pasting text and scrolling to opening applications and menus, in order to steal all kinds of sensitive information, including passwords, access data to banking entities, private messages and much more.
The malware was discovered by researchers in different apps and web pages present on Google Play. Names include Fast Cleaner 2021 and Pocket Screencaster as infected apps distributed through the app store. The same malware is present in fake banking apps popular in various countries, distributed through third-party websites.