A DANGEROUS new malware targeting Android devices has been detected by cybersecurity researchers.
In 2021, researchers discovered a malware called ERMAC attacking Android devices.
Now, cybersecurity experts from ESET have discovered that a new version of the banking Trojan – dubbed ERMAC 2.0 – is active.
The malware targets Android devices via 467 apps that steal user credentials and banking information.
ERMAC 2.0 does this by posing as popular and genuine apps according to cybersecurity experts.
Cyble Research Labs also found that threat actors can rent the malware for a whopping $5,000 a month.
ERMAC 1.0, officially discovered in August 2021, used 378 apps and was rented for $3,000 per month.
“We have observed the ERMAC 2.0 being deployed via fake websites,” Cyble Labs noted in a blog post.
The experts added that EMRAC 2.0 is also proliferated using fake browser update sites.
How does it work?
Once someone installs ERMAC 2.0 via a rogue app, the malware requests up to 43 permissions from their device.
If these permissions are granted, the attackers can take complete control of a victim’s device.
Other permissions can give the hacker SMS access, contacts access, system alert window creation, audio recording, or full read and write access to the storage.
Certain permissions can also create a list of apps installed on the victim’s device and share that data with the hacker’s C2 server, according to Tech Radar.
This can lead to a complex phishing scheme that collects the user’s data when they try to log into the affected app.
Some phishing sites used to trick victims include banking applications such as Japan’s Bitbank, India’s IDBI Bank, Australia’s Greater Bank and Boston-based Santander Bank, per Phone Arena.
How to protect yourself
Several restrictions imposed on abuse of the Accessibility Service protect devices running Android 11 and 12, according to BleepingComputer.
However, users are still advised not to download apps from outside of the Google Play Store.
Even if an app is in Google’s Play Store, users should be mindful of its legitimacy.
We pay for your stories!
Do you have a story for The US Sun team?
https://www.the-sun.com/tech/5429911/android-warning-billions-malware-passwords/ Android alerts BILLIONS as malware that STEALS your passwords is recognized as ‘more dangerous’