An advisory warning has been issued by the Indian Computer Emergency Response Team (CERT-In) by warning people against a trojan called EventBot, that can affect Android smartphone users in India and can also steal their financial information.
Also Read:
New Campaign To Distribute Malicious Trojan Uncovered
The cybersecurity agency says that a trojan is essentially a type of malware that gets attached to that what seems to be a legit program. EventBot, one that is a banking trojan or a banker Trojan specifically targets the financial apps on the phone, and also the financial data of its victim.
More About Banking Malware EventBot
Experts say that EventBot is a ‘mobile banking Trojan’ and also an information stealer, a one that abuses Android’s in-built accessibility features, in order to steal user data from financial applications, thereby reading user SMS, and also intercepting messages, allowing malware to bypass two-factor authentication.
The agency further said that the EventBot trojan has over 200 different financial applications under its target, which includes banking applications, money-transfer services, and cryptocurrency wallets. However, during the time of writing this article, EventBot could not be spotted on the official Google Play Store.
Permissions are quite often taken for controlling system alerts, reading external storage content, installing additional packages, accessing the internet, and also whitelisting it and ignore battery optimisation, auto initiating upon reboot, and reading and receiving SMS, while continuing accessing data in the background.
How Can People Save Themselves From EventBot?
Several countermeasures have been suggested by CERT-In for Android users, in order to save themselves from the virus infection. One of the most important of these are not downloading or installing apps from untrusted sources like unknown websites, or like those unknown websites or links that are sent over mail or SMS.
Additionally, it’s the user’s responsibility to look at the app reviews, details, number of downloads, and user reviews of an app before downloading from Play Store. Also, other security apps like installing an updated anti virus solution, and keeping their phone updated with the latest Android updates and patches, would help solve the problem. Also, users can exercise caution while tapping on URLs, and avoid using unsecured or unknown Wi-Fi networks.