“At the beginning of January 2021, a new Android banker started appearing and it was discovered and analysed by our Threat Intelligence and Incident Response (TIR) team,” Cleafy explained on its blog post. “When the malicious app has been downloaded on the device, it tries to be installed as an “Android Service”, which is an application component that can perform long-running operations in the background.
“This feature is abused by TeaBot to silently hide itself from the user, once installed, preventing also detection and ensuring its persistence.”
TeaBot appears to be at its early stages of development and could spread to more countries in the coming months. Since it’s still in active development, hackers can adapt the code to make it faster, even harder to detect and more.
To stay safe, Android users should always keep an eye on the permissions being requested by an app downloaded to your smartphone. If you’re installing a new sat-nav tool, it’s pretty obvious why it would need access to your current location… however, if you’re trying to install a fun puzzle game and it wants to know where you are at all times, that could seem a little suspicious. Android users can use anti-virus tools, downloaded from the Play Store, to check for malware and suspicious software on their gadgets too.
Published at Mon, 17 May 2021 15:51:53 +0000