Nasty new Android malware cleaning out bank and crypto accounts

1. Habitation
2. News
3. Security

Nasty new Android malware cleaning out bank and crypto accounts

(Image credit: Shutterstock)

A nasty new Android banking Trojan called SharkBot has been spotted by security researchers, and it's already targeting banks in the United Kingdom and Italy and cryptocurrency apps in the United States.

Like many mobile banking Trojans, said researchers at Italian fraud detection firm Cleafy  in a report terminal calendar week, SharkBot has the power to intercept text letters to snag two-factor-authentication codes, to put overlays over real banking apps so that users enter passwords into the wrong app, and to log keystrokes.

But SharkBot also does something special. One time it has your account info, it can launch electronic money transfers correct from the telephone without having to become authorization from the banking concern or triggering anti-fraud safeguards.

"Mobile malwares are quickly finding new means to perform fraud, trying to bypass behavioural detection countermeasures put in place by multiple banks and fiscal services during the last years," the Cleafy report said.

Once information technology has your account info, SharkBot tin launch electronic money transfers right from the phone without having to get authorization from the depository financial institution

SharkBot masquerades as media-player or utility apps, which as soon every bit they are installed enquire the user to grant Android accessibility services that are meant to assist people with hearing or vision disabilities but in fact give the apps near-total control of the device. And because it'south fairly new malware that, according to Clearfy, seems to accept been written from scratch, it isn't yet detected by many of the best Android antivirus apps.

The upside is that SharkBot is non (yet) in the Google Play app shop, so as long as you stick to that and don't enable the installation of apps from "unknown services," you'll probably be safe.

As for which banks and cryptocurrency apps SharkBot is targeting, Clearfy didn't provide a listing of names — just that 14 U.K. banks, eight Italian ones and five U.Southward. cryptocurrency apps were in SharkBot's sights. But the malware seems to exist still nether evolution, then more financial institutions may soon exist added to the target list.

Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has also been a dishwasher, fry cook, long-haul driver, lawmaking monkey and video editor. He'southward been rooting effectually in the information-security space for more than 15 years at FoxNews.com, SecurityNewsDaily, TechNewsDaily and Tom'southward Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown upwardly in random Idiot box news spots and even chastened a console discussion at the CEDIA home-engineering science briefing. You can follow his rants on Twitter at @snd_wagenseil.

Source: https://www.tomsguide.com/news/sharkbot-android-banking-trojan

Posted by: tapiatindst.blogspot.com

Share this post