This new Android virus spreads by using the names of popular programs such as Adobe Flash Player. Note that it does not infect the Adobe Flash Player app on the Google Play Store; Android.BankBot.211.origin only has a chance to reach your device if you download APK files from malicious sources. It is therefore crucial to be cautious and only download APKs from reliable sources.
According to cybersecurity firm Dr. Web, this new Android virus, which is capable of stealing your financial data, uses Android's accessibility service to take control of your device, display prompts, add itself to the device's Admin list, and make itself the default message handler.
Once BankBot gains full control of your device, it can send specific text messages to any phone number, extract and send text messages to hackers, open links, change company addresses, steal data such as call logs, contacts, app installations, and capture screenshots of your passwords whenever you enter them on websites.
Before BankBot, the CopyCat malware infected millions of Android devices worldwide. CopyCat hid within Android apps outside of the Play Store. When users downloaded and installed them, CopyCat would infiltrate and take control of their devices. So, if you come across any unfamiliar apps, be sure to delete them from your Android device immediately. Refer to how to delete apps on Android to free up storage space and improve device security.
Financial Data Theft
This new Android virus, specially developed to steal banking data, can display fake login forms, fraudulent dialog boxes requesting credit card details, and block the installation of antivirus apps that could prevent its features from running.
Dr. Web reports that the main targets of the malware are Android users in Turkey, but the list of targeted countries has recently grown significantly and now includes Android users in Germany, France, the UK, and the USA.
'Android.BankBot.211.origin can attack users using any app. Cybercriminals only need to update the configuration file with a list of target programs. Banks receive this list after connecting to the command and control server,' according to Dr. Web.
The only way to remove this malware is to boot Android into Safe Mode, remove the malware from the device's Admin list, and then scan the device with an Android antivirus app. There are many antivirus apps for Android that you can use, such as KIS for Android and AVG for Android, both reputable antivirus apps from vendors that also offer effective computer antivirus software.
And of course, prevention is better than cure. You can keep this new Android virus from attacking by only downloading APK files from trusted sources, especially the Play Store.
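To find the app to remove, it helps to see which packages hold the privileges described above (accessibility service, device Admin list, default message handler). The following is an added example, not code from Dr. Web or the original article. It flags apps that hold two or more of those roles and were not installed by Google Play; the two-role threshold, the package name com.example.flashupdate, the sample data, and the assumed layout of the device-admin listing are all assumptions of this example.

```python
import re

PLAY_STORE = "com.android.vending"  # installer package name of Google Play

def component_packages(text):
    """Package names from 'pkg/Class' component strings found in text."""
    return set(re.findall(r"([A-Za-z][\w.]*)/[\w.$]+", text))

def installers(pm_output):
    """Parse `pm list packages -i` lines: package:<pkg>  installer=<source>."""
    return dict(re.findall(r"package:(\S+)\s+installer=(\S+)", pm_output))

def audit(a11y_setting, admin_section, default_sms, pm_output):
    """Return [(package, roles)] for sideloaded apps holding 2+ of the roles."""
    roles = {
        "accessibility": component_packages(a11y_setting),
        "device_admin": component_packages(admin_section),
        "default_sms": {default_sms.strip()} - {""},
    }
    source = installers(pm_output)
    findings = []
    for pkg in sorted(set().union(*roles.values())):
        held = [name for name, pkgs in roles.items() if pkg in pkgs]
        # Heuristic of this example: several high-privilege roles + not from Play.
        if len(held) >= 2 and source.get(pkg) != PLAY_STORE:
            findings.append((pkg, held))
    return findings

# Constructed sample data (not from a real device). On a device it would come from:
#   adb shell settings get secure enabled_accessibility_services
#   adb shell dumpsys device_policy  ("Enabled Device Admins" part; layout assumed)
#   adb shell settings get secure sms_default_application
#   adb shell pm list packages -i
A11Y = ("com.google.android.marvin.talkback/"
        "com.google.android.marvin.talkback.TalkBackService:"
        "com.example.flashupdate/.Svc")
ADMINS = """Enabled Device Admins (User 0):
  com.example.flashupdate/.AdminReceiver:
  com.google.android.gms/.mdm.receivers.MdmDeviceAdminReceiver:"""
SMS = "com.example.flashupdate\n"
PM = """package:com.google.android.marvin.talkback  installer=com.android.vending
package:com.google.android.gms  installer=com.android.vending
package:com.example.flashupdate  installer=null"""

if __name__ == "__main__":
    for pkg, held in audit(A11Y, ADMINS, SMS, PM):
        print(f"review {pkg}: holds {', '.join(held)}; not installed by Google Play")
```

Preinstalled system apps also report no Play installer, so a flagged package is a candidate for review in Safe Mode, not proof of infection.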
