All Android users need to be aware of a terrifying new threat that uses a very sneaky new tactic to stay hidden from view. The bug, named Octo, has the ability to head straight to the settings menu on the device and dim the screen to zero so it appears to be switched off or placed in the popular sleep mode. With the display seemingly off, hackers can then remotely access everything on the device and even open text messages, emails or view contacts without the owner ever realising anything is wrong.
To make matters worse, Octo’s main target is banking data with cyber thieves using this latest virus to gain access to user names and passwords thanks to the installation of keyloggers that monitor everything that is typed on the keyboard.
They can then set about stealing money whilst the owner of the device remains completely unaware that they are under attack.
This latest threat was discovered by the security team at ThreatFabric who say it’s being distributed via fake apps and malicious websites.
It’s thought that hackers are even attempting to distribute the malware via Google’s official Play Store which, if successful, could leave thousands of devices infected and users at risk of leaving their most personal data in the hands of thieves.
To help improve its effectiveness even further, the crooks behind the campaign have also made it almost impossible to uninstall.
Speaking about this new attack, Threat Fabric said: “Octo has dangerous capabilities, powered by inventive distribution schemes including droppers on official Google Play store and malicious landing pages. Thus, customers are very likely to fall into installing the malware on their devices, allowing the actors to have remote access to their devices and therefore to their banking accounts. To properly detect possible ODF we recommend financial institutions to have strong client-side detection solution that can detect malware not only by signatures (ExobotCompact proves that it can be useless), but by its malicious behavior.”
Right now the best way to avoid falling victim is to be very careful what you install on your device.
Never download any apps or software from the web unless you are 100 percent certain that they have come from an official source.
Even when downloading from the Play Store it’s still a good idea to be cautious as despite the tech giant bringing in tough new security measures some malware-packed applications are still slipping through.
Before you download from the Play Store, check the reviews as this will often reveal if applications are hiding any nasty surprises.
Published at Mon, 11 Apr 2022 07:27:00 +0000