Security News > 2020 > April > New Android Malware Targets PayPal, CapitalOne App Users
An Android mobile malware has been uncovered that steals payment data from users of popular financial apps like PayPal, Barclays, CapitalOne and more.
EventBot is not currently on the Google Play app marketplace, but researchers said the malware is nonetheless masquerading as legitimate applications.
Researchers were unable to identify any conversations about EventBot on underground forums, where new malware is often introduced, promoted and sold - further strengthening their suspicion that the malware is still undergoing development and has not been officially released.
"With each new version, the malware adds new features like dynamic library loading, encryption and adjustments to different locales and manufacturers," said researchers.
"EventBot appears to be a completely new malware in the early stages of development, giving us an interesting view into how attackers create and test their malware."
News URL
https://threatpost.com/android-malware-paypal-capitalone-app/155341/
Related news
- SpyLoan Android malware on Google play installed 8 million times (source)
- 8 Million Android Users Hit by SpyLoan Malware in Loan Apps on Google Play (source)
- New DroidBot Android banking malware spreads across Europe (source)
- New DroidBot Android malware targets 77 banking, crypto apps (source)
- Germany sinkholes BadBox malware pre-loaded on Android devices (source)
- Germany blocks BadBox malware loaded on 30,000 Android devices (source)
- Android malware found on Amazon Appstore disguised as health app (source)
- BadBox malware botnet infects 192,000 Android devices despite disruption (source)
- New FireScam Android malware poses as RuStore app to steal data (source)
- New FireScam Android data-theft malware poses as Telegram Premium app (source)