Octo Android Malware: This New Malware Can Take Control of Your Mobile Without Your Knowledge

“Octo Android Malware” is malware capable of taking control of your mobile to steal sensitive data, including bank details.

A new week, a new threat discovered on Android. BleepingComputer has reported on a malware case that, in recent months, has reportedly endangered Android users by taking full control of their devices to carry out fraudulent attacks.

To achieve this, the Trojan horse tricked the user into believing that the device’s screen was off and in the meantime was able to steal sensitive information, including access keys to banking applications, the content of password managers or keys to cryptocurrency applications.


“Octo Android”, a dangerous malware capable of stealing your bank details

According to cybersecurity researchers from ThreatFabric, the malware-infected apps surpassed 50,000 installs and had been distributed through the Play Store. The Trojan could therefore have evaded Google Play Protect’s threat detection systems.

The Trojan, based on malware already known to researchers, is capable of performing on-device fraud (ODF), one of the most dangerous and stealthy types of threats.

“ODF is the most dangerous, risky and discreet type of fraud, where transactions are initiated from the same device that the victim uses every day. In this case, anti-fraud engines are challenged to identify fraudulent activity with a significantly lower number of suspicious indicators compared to other types of fraud carried out through different channels.”

After the user downloads one of the infected applications and runs it for the first time, the Trojan takes advantage of access permissions to take control of the victim’s device. In this way, it is able to stream live screen content to the attacker’s control center. In addition, the malware disables notifications and dims the screen completely, so the user thinks the screen is off and the device is sleeping.

However, it is at this point that the malware starts working, performing all sorts of actions, from copying and pasting text to scrolling and opening applications and menus, in order to steal all kinds of sensitive information, including passwords, access data to banking entities, private messages and much more.

FastCleaner is one of the applications infected by Octo Android.

The malware was discovered by researchers in different apps and web pages present on Google Play. Infected apps distributed through the app store include Fast Cleaner 2021 and Pocket Screencaster. The same malware is also present in fake banking apps popular in various countries and distributed through third-party websites.