A new Android Malware named ‘EventBot’ targets Android phone users in India and steals personal financial pieces of information.
The Federal Cyber-Secuirty Agency has advised about the same.
As per sources, it is a trojan virus that looks like a legitimate Android app. It might come in the names of applications such as Adobe products or Microsoft Word. Once downloaded and installed, the malware will be activated in the victim’s device.
EventBot is said to be targeted at least 200+ different financial applications including mobile banking apps, money transfer, cryptocurrency wallets, etc in the US and Europe. As per the report, they might also affect users in India as well.
Once affected, the trojan would be able to steal personal information by abusing Android’s accessibility settings. It will also get access to read SMS received as well. This is highly risky because SMSs on your phone might contain confidential information.
Even if you have two-factor authentication enabled, the malware will be able to bypass it as it already got access to SMS in your device.
CERT-In said, “It is a mobile-banking Trojan and info-stealer that abuses Android”s in-built accessibility features to steal user data from financial applications, read user SMS messages and intercept SMS messages, allowing malware to bypass two-factor authentication.”
It is known that the malware is targeting financial applications such as Coinbase, Paypal Business, HSBC UK, Revolut, Barclays, UniCredit, Paysafecard CapitalOne UK, TransferWise, etc.
Every user is advised not to download any app for your device from third party websites. The malware comes in the form of some legit apps or services. If you want to install an app then do it from the Google Play Store and don’t rely on any third party service.
Also make sure that you don’t click on suspicious links sent to you via email, SMS, or any source. Only after confirming the authenticity of the source, take action accordingly.