EventBot Android malware caught stealing data from Financial Apps

843

All those who are using financial apps are hereby being warned that a new kind of Android malware is seen stealing data from more than 200 financial apps by bypassing the 2 Factor Authentication (FA) feature.

 


According to the research conducted by Cybereason Nocturnus, the malware’s name is ‘EventBot’ and is known to bypass the accessibility features of Android to steal data from over 200 financial apps. Furthermore, the malware is also seen as having the capability to read the victim’s SMSes, contacts, and all types of wallet data.

 

Cybereason has confirmed that EventBot can steal data from apps such as Paypal Business, Revolut, Barclays, UniCredit, CapitalOne UK, HSBC UK, Santander UK, Transferwise, Coinbase, Paysafecards, and such 100 others.

 

Additionally, the data-stealing Trojan was also caught stealing credit card info, money transfers, and cryptocurrency from e-wallets.

 

As EventBot tends to masquerade legitimate Android apps like KeepNotes, Adobe flash, and Microsoft Word, it might have reached the APK Stores.

 

So, the security researchers from Cybereason are advising the Android users to keep their phone operating system up-to-date with the latest security update, use the device which has the latest Operating system such as Android 10, keep a tab on permissions and requests made by the apps, check APK Signature and use an anti-virus solution from a noted brand.

 

Note- Cybereason is a threat monitoring and mitigation solutions provider that was founded in 2012 in Boston, Massachusetts. It’s known to offer endpoint security, antivirus solutions, and managed services suit. Nocturnus is the cyber arm of Cybereason which was the first to discover digital-vaccinations for 2017 NotPetya and Bad Rabbit Ransomware attacks.