22.8 C
Australia
Friday, October 30, 2020

Beware of mobile banking malware EventBot, warns CERT-In

Must read

Qld election 2020: Why KAP is the social gathering to look at

Regardless of each Annastacia Palaszczuk and Deb Frecklington repeatedly affirming they might not do any offers within the occasion of a hung parliament,...

QLD election 2020 stay updates: Premier Annastacia Palaszczuk and Deb Frecklington’s ultimate

The person who has allegedly predicted each Queensland election outcome since 1974 has had his say, declaring Premier Annastacia Palaszczuk to win with...
The Indian Telegraphhttps://theindiantelegraph.com.au/
Established in 2007, The Indian Telegraph is a multi award winning digital media company based in Australia.

n Android mobile banking malware called “EventBot” which steals user data from financial applications is spreading, warns the Indian Computer Emergency Response Team (CERT-In).

This mobile banking Trojan abuses Android’s in-built accessibility features to steal user data, read user SMS messages and intercept SMS messages, allowing malware to bypass two-factor authentication, the cybersecurity agency said in its advisory this month.

EventBot targets over 200 different financial applications, including banking applications, money-transfer services, and cryptocurrency wallets, or financial applications based in the US and Europe region at the moment but some of their services may affect Indian users as well.

The malware largely targets financial applications like Paypal Business, Revolut, Barclays, UniCredit, CapitalOne UK, HSBC UK, TransferWise, Coinbase, paysafecard etc., said CERT-In.

While EventBot has not been seen on Google Play Store yet, it uses several icons to masquerade as a legitimate application.

EventBot is using third-party application downloading site to infiltrate into the victim device, the CERT-In warned.

“Once installed on victim’s Android device, it asks permissions such as controlling system alerts, reading external storage content, installing additional packages, accessing Internet, whitelisting it to ignore battery optimisation, prevent processor from sleeping or dimming the screen, auto-initiate upon reboot, receive and read SMS messages, and continue running and accessing data in the background,” the cybersecurity agency said in its advisory.

Further, the malware prompts the users to give access to their device accessibility services.

“Also, it can retrieve notifications about other installed applications and read contents of other applications. Over the time, it can also read Lock Screen and in-app PIN that can give attacker more privileged access over victim device,” the advisory said.

To help users prevent the malware infection into Android phones, the cyber-security agency recommended certain counter-measures.

“Do not download and install applications from untrusted sources (offered via unknown websites/ links on unscrupulous messages),” it said.

It also asked users to install updated anti-virus solution on Android devices.

SourceIANS

Latest article

Will Pucovski took on the brand new position of opener for Victoria in his first hit of the summer season

Victorian coach Chris Rogers produced the primary shock transfer of the cricket summer season elevating batting dynamo Will Pucovski to open because the...

$1 million reward: WA mum’s plea to unravel 40-year homicide thriller

The mom of a WA woman who vanished 40 years in the past says she has nearly given up hope of ever studying...

Cricket: Test quick Mitch Starc warned Aussie teammate Marnus Labuschagne who went on to make another century

Australia’s Test stars have butted heads in a fierce Adelaide workout watched closely by chairman of selectors Trevor Hohns.From his eyrie in the...

Help Your Community Tell Their Story

The Australian Bureau of Statistics is recruiting Census Engagement Managers for the 2021 Census, which is on 10 August. The employment period...

Kyle Daniels trial: Mum will ‘always remember’ what daughter mentioned to her

A mom has defended her choice to solely elevate with swim faculty workers allegations that an teacher had inappropriately touched her daughter and...