A new form of malware is attacking Android devices by showing a flash update that needs to be installed as soon as possible, warned by Security researchers.
According to SophosLabs, its is a fake update and contains a malware that is known as Invisible Man and showed as Andr/Banker-GUA. Based on Svpeng malware, it was first noticed in 2015 as reported by a security firm. It will draw things on your screen above your apps while using accessibility services and set itself as default SMS app.
If the use of accessibility services is granted to Invisible Man then it forms itself as default SMS app. Doing this will allow it to control the screen and the user credit card information is stolen as user provide it in apps and Google play store.
To creates invisible overlays, we draw something on the screen over the legitimate banking apps. The user thinks that they are filling up the information like username and password over the app. This is one of those attempts that steal the financial details of the user and this has taken over the Google Play Store. When users use Google Play store to install the apps, the need to provide their credit card information and their information is sent to attackers.
It is surprising to know that this malware does not infect the Russian users. When it conceding a device, it checks the language and in case the language in the phone is Russian, it stopped all other tasks. If the phone is set to any other language and then this malware ask for permission in order to get the accessibility services and then it run malicious code.
To prevent such new malware, the best solution is to avoid installing bogus Flash Player updates. In case, you installed them by mistake, then don’t give them access to the operating system.
It is recommended to always download apps from trusted platform like Google Play because every app is reviewed before publishing in the Google play.
Play store app is scanned before and after installation and if you receive any warning from play protect while installing any app then do not install that app.
0 comments:
Post a Comment