Security researchers have detected new malware that targets Android phones and steals users' banking data. Experts have warned that the spyware named EvenBot will be widely available in attacks soon.
Researchers from the security company Cybereason have detected new spyware designed to steal people's credentials that they use to access banking systems and other finance applications. Moreover, this malware targeting Android phone users is updated regularly.
The malware, called EventBot , acts like the applications that have authority in the Android root directory to gain full access to Android devices. After accessing the two-factor verification messages sent to the device, it does not doubt by deleting the messages from the system. EventBot can leak data from nearly 200 banking and crypto wallet applications as well as financial applications .
EventBot sends transactions and banking data on the device to hackers
EventBot can also silently record every touch on the screen, read notifications from other installed apps, and provide hackers with information about what the victim is doing on their device. Malware sends the passwords of banking and cryptocurrency applications to the server of cyber attackers.
Security expert Assaf Dahan says cyber attackers are testing the application and it is only a matter of time before they start using the malware to attack their mobile banking customers . "Our customer base audience has not detected live attacks yet, but they are very close to doing this," said Dahan .
Experts warn against 3rd party apps on Google Play Store
It is currently unknown what attackers will use to move spyware to smartphones. Cybereason analysts were predicted that attackers would spread malware through the third-party apps on the Google Play Store . However, experts have stated that they have not found any traces related to EventBot in the Android application store for now. Researchers warn users to avoid third-party sites and unreliable apps in the Play Store.