New Android banking malware remotely takes control of your device
Security News, April 2022
A new Android banking malware named Octo has appeared in the wild, featuring remote access capabilities that allow malicious operators to perform on-device fraud.
Octo is an evolved Android malware based on ExoCompact, a malware variant based on the Exo trojan that quit the cybercrime space and had its source code leaked in 2018.
Octo's significant new feature compared to ExoCompact is an advanced remote access module that enables the threat actors to perform on-device fraud by remotely controlling the compromised Android device.
Octo uses a black screen overlay to hide the remote operations from the victim, sets screen brightness to zero, and disables all notifications by activating the "No interruption" mode.
Apart from the remote access system, Octo also features a powerful keylogger that can monitor and capture all of the victim's actions on infected Android devices.
"Thus, having these facts in mind, we conclude that ExobotCompact was rebranded to Octo Android banking Trojan and is rented by its owner "Architect", also known as "goodluck"."