Security News > 2022 > April > New Android banking malware remotely takes control of your device
A new Android banking malware named Octo has appeared in the wild, featuring remote access capabilities that allow malicious operators to perform on-device fraud.
Octo is an evolved Android malware based on ExoCompact, a malware variant based on the Exo trojan that quit the cybercrime space and had its source code leaked in 2018.
Octo's significant new feature compared to ExoCompact is an advanced remote access module that enables the threat actors to perform on-device fraud by remotely controlling the compromised Android device.
To hide the remote operations from the victim, Octo uses a black screen overlay, sets screen brightness to zero, and disables all notifications by activating the "No interruption" mode.
Apart from the remote access system, Octo also features a powerful keylogger that can monitor and capture all of the victim's actions on an infected Android device.
"Thus, having these facts in mind, we conclude that ExobotCompact was rebranded to Octo Android banking Trojan and is rented by its owner "Architect", also known as "goodluck"."