- Advertisement -spot_img
Friday, June 24, 2022

Password-stealing Android malware puts billions of users at risk

A dangerous new malware targeting Android devices has been uncovered by cyber security experts.

In 2021, researchers discovered a malware named ERMAC that was attacking Android devices.

Now, cybersecurity experts at ESET have discovered that a new version of the banking trojan – called ERMAC 2.0 – is active.

The malware targets Android devices through 467 apps that steal users’ credentials and bank information.

According to cyber security experts, ERMAC 2.0 does this by impersonating popular and genuine apps.

Cyble Research Labs also found that threat actors could rent malware for a hefty monthly fee of $5,000.

ERMAC 1.0, which was officially discovered in August 2021, used 378 apps and was being rented for $3,000 a month.

“We have noticed that ERMAC 2.0 is being distributed through fake sites,” Cyble Labs noted in a blog post.

Experts said that EMRAC 2.0 also spreads through fake browser update sites.

How does this work?

Once someone installs ERMAC 2.0 through a fraudulent app, the malware requests 43 permissions from their device.

These permissions, if granted, could enable bad actors to take full control of the victim’s device.

Other permissions hackers can gain include SMS access, contact access, system alert window creation, audio recording, or full storage read and write access.

According to cyber security experts, ERMAC 2.0 impersonates popular and genuine apps.
Getty Images/iStockPhoto

According to Tech Radar, certain permissions can also create a list of apps installed on the victim’s device and share that data with the hacker’s C2 servers.

This can result in a complex phishing scheme that harvests a user’s data when they try to log in to the affected app.

Some of the phishing pages being used to mislead victims include banking applications such as Bitbank of Japan, IDBI Bank of India, Greater Bank of Australia and Boston-based Santander Bank, per Phone Arena.

how to protect yourself

According to BleepingComputer, several restrictions placed on abuse of the accessibility service protect devices running Android 11 and 12.

However, users are still advised to avoid downloading apps from outside Google’s Play Store.

Even if an app is on Google’s Play Store, users should be cautious about its legality.

World Nation News Desk
World Nation News Deskhttps://worldnationnews.com/
World Nation News is a digital news portal website. Which provides important and latest breaking news updates to our audience in an effective and efficient ways, like world’s top stories, entertainment, sports, technology and much more news.
Latest news
Related news
- Advertisement -


Please enter your comment!
Please enter your name here