Security News > 2020 > May > New Android Malware Steals Banking Passwords, Private Data and Keystrokes

A new type of mobile banking malware has been discovered abusing Android's accessibility features to exfiltrate sensitive data from financial applications, read user SMS messages, and hijack SMS-based two-factor authentication codes.

Called "EventBot" by Cybereason researchers, the malware is capable of targeting over 200 different financial apps, including banking, money transfer services, and crypto-currency wallets such as Paypal Business, Revolut, Barclays, CapitalOne, HSBC, Santander, TransferWise, and Coinbase.

"This brand new malware has real potential to become the next big mobile malware, as it is under constant iterative improvements, abuses a critical operating system feature, and targets financial applications."

Last month, IBM X-Force researchers detailed a new TrickBot campaign, called TrickMo, that was found exclusively targeting German users with malware that misused accessibility features to intercept one-time passwords, mobile TAN, and pushTAN authentication codes.

Keeping the software up-to-date and turning on Google Play Protect can also go a long way towards protecting devices from malware.

News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/EHR4BHQMwNo/android-banking-keylogger.html