Business

News

 
More...

Alerts

 
More...

Events

 
More...
 
     
 

New Android Malware Could Steal Sensitive Information

 

Systems Affected



Threat Level


High


Overview


A new malware type that is abusing slcerts accessibility feature to capture sensitive financial data from victims devices has been identified.


Description


Malware is targeting over 200 financial applications including banking, money transfer services and crypto-currency wallets such as PayPal, Barclays, HSBC and Capital-One etc. This Malware is capable of reading user SMS messages in order to hijack SMS-based two factor authentication. This Malware campaign was first identified in March 2020 and it masks its malicious intent by pretending to be a legitimate application such as Adobe flash, Microsoft Word etc.


Impact


  ✻  Risk of Exposure of your personal information
  ✻  Financial loss
  ✻  Malware distribution


Solution/ Workarounds


  ✻  Use official google store to download application
  ✻  Read comment section before downloading the application to check the credibility
  ✻  Enable Google Play protect


References


  ✻  https://thehackernews.com/2020/04/android-banking-keylogger.html


Disclaimer


The information provided herein is on "as is" basis, without warranty of any kind.


 
     

© Copyright Sri Lanka CERT|CC. All Rights Reserved.