Tech

Android alerts BILLIONS as malware that STEALS your passwords is recognized as ‘more dangerous’

A DANGEROUS new malware targeting Android devices has been detected by cybersecurity researchers.

In 2021, researchers discovered a malware called ERMAC attacking Android devices.

Cybersecurity experts have discovered a dangerous new malware targeting Android devices.

1

Cybersecurity experts have discovered a dangerous new malware targeting Android devices.Photo credit: SOPA Images/LightRocket via Gett

Now, cybersecurity experts from ESET have discovered that a new version of the banking Trojan – dubbed ERMAC 2.0 – is active.

The malware targets Android devices via 467 apps that steal user credentials and banking information.

ERMAC 2.0 does this by posing as popular and genuine apps according to cybersecurity experts.

Cyble Research Labs also found that threat actors can rent the malware for a whopping $5,000 a month.

China is reportedly launching a “cyberespionage war” against Russia with a malware plot
Android warns of'Joker' malware as it asks users to delete seven apps NOW

ERMAC 1.0, officially discovered in August 2021, used 378 apps and was rented for $3,000 per month.

“We have observed the ERMAC 2.0 being deployed via fake websites,” Cyble Labs noted in a blog post.

The experts added that EMRAC 2.0 is also proliferated using fake browser update sites.

How does it work?

Once someone installs ERMAC 2.0 via a rogue app, the malware requests up to 43 permissions from their device.

If these permissions are granted, the attackers can take complete control of a victim’s device.

Other permissions can give the hacker SMS access, contacts access, system alert window creation, audio recording, or full read and write access to the storage.

Certain permissions can also create a list of apps installed on the victim’s device and share that data with the hacker’s C2 server, according to Tech Radar.

This can lead to a complex phishing scheme that collects the user’s data when they try to log into the affected app.

Some phishing sites used to trick victims include banking applications such as Japan’s Bitbank, India’s IDBI Bank, Australia’s Greater Bank and Boston-based Santander Bank, per Phone Arena.

How to protect yourself

Several restrictions imposed on abuse of the Accessibility Service protect devices running Android 11 and 12, according to BleepingComputer.

The Texas shooter's haunting final conversation with his mother and his strange 18th present have been revealed
Little People's Zach & Tori Roloff Reveal If Newborn Son Josiah Has Dwarfism

However, users are still advised not to download apps from outside of the Google Play Store.

Even if an app is in Google’s Play Store, users should be mindful of its legitimacy.

We pay for your stories!

Do you have a story for The US Sun team?

https://www.the-sun.com/tech/5429911/android-warning-billions-malware-passwords/ Android alerts BILLIONS as malware that STEALS your passwords is recognized as ‘more dangerous’

Chris Barrese

InternetCloning is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – admin@internetcloning.com. The content will be deleted within 24 hours.

Related Articles

Back to top button