Security News > 2023 > January > SpyNote Strikes Again: Android Spyware Targeting Financial Institutions

Financial institutions are being targeted by a new version of Android malware called SpyNote at least since October 2022.

"This has helped other actors [in] developing and distributing the spyware, often also targeting banking institutions."

Some of the notable institutions that are impersonated by the malware include Deutsche Bank, HSBC U.K., Kotak Mahindra Bank, and Nubank.

SpyNote is feature-rich and comes with a plethora of capabilities that allow it to install arbitrary apps; gather SMS messages, calls, videos, and audio recordings; track GPS locations; and even hinder efforts to uninstall the app.

SpyNote packs in functionalities to plunder Facebook and Gmail passwords as well as capture screen content by leveraging Android's MediaProjection API. The Dutch security firm said that the most recent iteration of SpyNote is the first variant to strike banking apps as well as other well-known apps like Facebook and WhatsApp.

"This development is not as common within the Android Spyware ecosystem, but is extremely dangerous and shows the potential start of a new trend, which will see a gradual disappearance of the distinction between spyware and Banking malware, due to the power that the abuse of Accessibility services gives to criminals," the company said.

News URL

https://thehackernews.com/2023/01/spynote-strikes-again-android-spyware.html