Beware! A New Banking Trojan Has Capacity To Steal Billions of Banking Passwords from Android Phone

New banking trojan is stealing banking passwords from Android devices

Cybersecurity experts have discovered new malicious malware that is said to be extremely dangerous to the security of bank accounts. This new nasty malware actually steals Android user passwords and endangers privacy and security with the potential for financial fraud. Surprisingly, the new malware is an updated version of a banking Trojan found in  2021. And now it's active again.

Cyber ​​Research Labs reported that they happened to come across a tweet from a researcher who mentioned the distribution of ERMAC 2.0. ERMAC is an Android banking Trojan that was first discovered when targeting Poland in late August 2021.

ERMAC 1.0 had the ability to steal credentials for 378 different applications. At the Cybercrime Forum, attackers lent out for $ 3,000 a month. Surprisingly, Cyber ​​Research Labs announced that it has recently discovered that an improved version of ERMAC 2.0 can be rented in an underground forum for $ 5,000 per month, targeting 467 applications that are subject to credential theft. did.

How do frauds happen and how does ERMAC 2.0 work?

When someone installs ERMAC 2.0 through a rogue app, the malware requests up to 43 permissions from their device. 

These permissions, if granted, could allow malicious players full control over a victim's device. 

Other permissions could give hackers access to text messages, and contacts, create system warning windows, record audio, or full read and write permissions to memory. 

Some permissions can also create a list of apps installed on a victim's device and share that data with the hacker's C2 server, according to Tech Radar

This could lead to an elaborate phishing scheme that collects user data every time they try to log into the affected application. 

Some of the phishing sites used to trick victims include banking apps like Japan's bit bank, India's IDBI Bank, Australia's Greater Bank, and Boston's Santander Bank, according to Phone Arena.

How to Protect Yourself from These Malicious Trojans?

According to BleepingComputer, some restrictions on abuse of Accessibility Services protect devices running Android 11 and 12. 

However, users should still avoid downloading apps outside of the Google Play Store. 

Even if an app is available on the Google Play Store, users should remain vigilant about its legitimacy.

1. Device encryption 

 Device encryption is one of the essential steps to establishing a healthy cybersecurity environment, but it is often overlooked and quite often Android users do not use the device encryption feature. Device encryption isn't just about setting up a complicated password or a screen lock pattern. It encrypts the data stored on your phone and can only be viewed or accessed by those with genuine credentials. With this feature, you can ensure that none of your sensitive data falls into the wrong hands of hackers. 

Android allows users using operating systems versions 4.4, 5.0, or higher to take advantage of built-in encryption. You must manually configure your device settings to enable device encryption. Here are the steps to do it: 

Go to Settings > Tap  Security option > Encrypt device. 

After enabling this feature, you can rest assured that your data remains inaccessible to malicious third-party apps. You can also find some reliable  Android Encryption apps in the Google Play Store; you can use them and enjoy device encryption. 

2. Using VPN

A VPN is a great anonymous tool that establishes a secure connection between your device and the Internet. It does this by masking your IP address and encrypting data traffic. Since it uses military-grade encryption, tunneling protocols, and various security-focused features, it provides better protection than standard device encryption. But when it comes to preventing Android malware, VPNs offer no direct help.

Some of the best VPN providers add malware blocking. It offers an enhanced solution that takes your online security and privacy to the next level. It blocks websites with malware and other online threats before they can harm your device and put your digital privacy at risk when you're connected to the Internet. 

So you can boost your digital security and keep malware out with a VPN. But make sure the VPN offers malware blocking

 3. Download apps from official websites 

 One prominent way to infect your Android phone with malware is to download fake and fake apps from unofficial websites. Hackers develop malicious apps that even pass Google's security checks. When users download such apps, they download malware on their devices. 

 The Android operating system comes with the Google PlayStore, which provides various legal apps for download developed by Google developers. Therefore, you should only download apps from the official Google Play Store. But beware of pirated apps available on the app store and trick users. You can even configure settings and uncheck the box that says install from unknown sources to prevent apps from downloading outside of Google or containing malware. Also, be sure to download apps you know.

4. Check for Malware

Android also allows users to check for malware if they have any doubts. Follow the steps  mentioned below and check if your phone is  infected with Android malware:

  1.  Open the Google PlayStore app. 
  2.  Tap  the Menu icon 
  3.  Click  Play Protect 
  4.  Select Scan

If your Android is infected with malware, it will provide an option to remove it. You can run the scan manually or, by changing the settings, set it to automatic scanning.

Choosing the automatic scan option is more effective as you will be modified every time malware violates your privacy. In addition, it protects you from the hassle of manual scanning.

To configure automatic scanning, tap the configuration option at the top of the Play Protect window and enable both features.

The device will take a few minutes and then show you the results. 

 5. Install an anti-malware application

 Installing an anti-malware application is another effective way to detect advanced forms of malware and keep your data and devices safe. There are various reliable anti-malware tools that you can find on the Google PlayStore. Choose and download the best and protect your phone from malicious attacks. These apps, when run, scan all downloaded files and apps for malware and other potential threats, remove them, and prevent them from harming your Android phone.

Potential Signs of Android Malware

One of the easiest ways to protect your phone from Android malware is to watch for signs that make you think something is wrong. Threats can get your valuable data in the form of apps you download or accidentally click on online ads. Here are the most important signs to help detect Android malware on your device: 

  • Your device is running slower than usual.
  • Ads pop up frequently Phone battery starts to drain faster.
  • The smartphone is too hot.
  • Long loading time.
  • Increase data usage and phone bills.
  • You see apps on your smartphone that you've never used or downloaded before.
  • Your device is not receiving any new operating system updates.

If you experience or see any of the above-mentioned signs on your Android device, check for malware and follow safety tips.

Post a Comment