A New VIRUS Highly Susceptible to Android

As the Traffic of Android Users in Mobile Banking Transaction is Quite High. Hackers have planted a New Malware named ‘EventBot’. This Malware having a high vulnerability especially to Mobile Banking and is capable of stealing not only Personal Information but also the Sensitive Data that users try to hide according to the Computer Emergency Response Team of India (CERT-In), the national technology arm that combats against cyber attacks and guard the Indian cyberspace. The CERT-In has issued a caution that reportedly warns the users to limit their transaction, claimed that the Trojan virus can “masquerade as a legitimate application such as Microsoft Office, Adobe flash and others using third-party application downloading sites to make it into victim’s device”. A Trojan virus often enters a device by cheating the user into believing that it is the software that they need so they don’t raise the question and download it from 3rd party platforms. It then attacks the operating system from the inside out.

“It is an android-banking Trojan and information-stealer that abuses Android’s Accessibility feature and steal your personal data from financial applications who are already having accessibility permission, and tries to gain your SMS messages too, the malware is also capable to break into two-factor authentication,” CERT-In advisory addresses. The cybersecurity agency claimed that the new virus targets over 200 financial applications including banking applications, money-transfer services, and cryptocurrency wallets, or the US and Europe-based financial applications. However, CERT-In also claims that these may affect Indian users as well.

The virus “mainly targets financial applications like Paypal Business, Paysafecard, Revolut, Barclays, UniCredit, CapitalOne UK, HSBC UK, TransferWise, Coinbase, etc.,” the CERT-In said. So far, the virus has not been spotted on any Google Playstore application but it can use third-party app markets to mask themselves and enter operating systems.”Once installed on the victim’s Android device, it asks permissions such as controlling system alerts, reading external storage content, installing additional packages, accessing the internet, whitelisting it to ignore battery optimization, while preventing the processor from stopping, auto-initiated upon reboot, receive and read SMS messages and continue running and accessing data in the background,” the advisory explained.

Protect yourself from Android Dendroid Virus

1. Do not download and install applications from 3rd party and untrusted sources. Always Install applications from the official Appstore.

2. Run a full system scan with mobile antivirus solution or mobile security solution on your device.

3. Check for the permissions required by an application before installing.

4. Exercise caution while visiting trusted/untrusted sites for clicking links.

5. Install Android updates and patches as and when available from Android device vendors

6. Install and maintain updated mobile security/antivirus solution

7. Users are advised to use device encryption or encrypting external SD card feature available with most of the Android OS.

8. Users are advised to keep an eye on Data usage (application-wise usage also) and unusual increase in mobile bills.

9. Users are advised to keep an eye on device battery usage (application-wise usage also)

10. Load Flash content on demand.

11. Avoid using unsecured, unknown Wi-Fi networks. There may be dishonest Wi-Fi access points at public places used for distributing malicious applications. 12. Make a practice of taking regular backup of android device.