35 C
Delhi
Sunday, May 24, 2020

Beware of mobile banking malware EventBot, warns CERT-In

Cracking Cyer and Online frauds a headache for Delhi cyber cellNew Delhi, May 17 (IANS) An Android mobile banking malware called “EventBot” which steals user data from financial applications is spreading, warns the Indian Computer Emergency Response Team (CERT-In).

This mobile banking Trojan abuses Android”s in-built accessibility features to steal user data, read user SMS messages and intercept SMS messages, allowing malware to bypass two-factor authentication, the cybersecurity agency said in its advisory this month.

- Advertisement -

EventBot targets over 200 different financial applications, including banking applications, money-transfer services, and cryptocurrency wallets, or financial applications based in the US and Europe region at the moment but some of their services may affect Indian users as well.

The malware largely targets financial applications like Paypal Business, Revolut, Barclays, UniCredit, CapitalOne UK, HSBC UK, TransferWise, Coinbase, paysafecard etc., said CERT-In.

While EventBot has not been seen on Google Play Store yet, it uses several icons to masquerade as a legitimate application.

EventBot is using third-party application downloading site to infiltrate into the victim device, the CERT-In warned.

“Once installed on victim”s Android device, it asks permissions such as controlling system alerts, reading external storage content, installing additional packages, accessing Internet, whitelisting it to ignore battery optimisation, prevent processor from sleeping or dimming the screen, auto-initiate upon reboot, receive and read SMS messages, and continue running and accessing data in the background,” the cybersecurity agency said in its advisory.

Further, the malware prompts the users to give access to their device accessibility services.

“Also, it can retrieve notifications about other installed applications and read contents of other applications. Over the time, it can also read Lock Screen and in-app PIN that can give attacker more privileged access over victim device,” the advisory said.

To help users prevent the malware infection into Android phones, the cyber-security agency recommended certain counter-measures.

“Do not download and install applications from untrusted sources (offered via unknown websites/ links on unscrupulous messages),” it said.

It also asked users to install updated anti-virus solution on Android devices.

–IANS

Total Cases

Active Cases

Recovered

Deaths

125100

             69597

51783

3720

Covid 2019 India Stats Overview. Source: Ministry of Health and Family Welfare. Updated: 23 May 2020, 08:00

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Must Read

Cyclone Amphan wreaks havoc in Odisha, two killed

Bhubaneswar, May 20 (IANS) Cyclone Amphan caused havoc in the coastal districts of Odisha as it triggered heavy rainfall,...

Decision soon on film shootings, screenings: Kishan Reddy

Hyderabad, May 24 (IANS) Amid the gradual relaxation of lockdown regulations in all sectors, Union Minister of State for Home Affairs G. Kishan Reddy...

BCCI is ready for ‘cloded door games’ says says fans’ safety priority

New Delhi, May 24 (IANS) Union Sports Minister Kiren Rijiju has made it clear that under present circumstances, the country should be ready for...

India might allow int”l flights ops from July: Minister

New Delhi, May 24 (IANS) International flight operations from India might commence from July depending upon the circumstances surrounding the Covid-19 outbreak, Union Civil...

ICMR revises guidelines for use of Hydroxychloroquine

New Delhi, May 24 (IANS) The Indian Council of Medical Research (ICMR) has issued revised guidelines for use of hydroxychloroquine (HCQ), the malaria drug,...

More Articles Like This