Once again the millions of users of the main operating system for mobile devices around the world should be on alert when making use of certain applications in Android for certain problems related to the security and privacy of their data.
Android New Virus detected
We say this because it has just been made public that these are being attacked these days by a new form of malware that has already been called by the security company Dr Web as “Android.BankBot.211.origin”. Specifically, this malicious code is trying to get financial data hosted or used in the smartphone, but it has also been designed to try to extract other sensitive information such as the user’s personal contact list or text messages.
The most dangerous of this particular case is that this malware is played using the name of programs as popular as Adobe Flash Player, for example, although it is important to know that BankBot has not yet reached the Google Play Store. This means that, unless we download APKs from malicious sources to this day we should be fully protected, at least from this attack. Therefore, and once again, we must be very careful when using or downloading applications from stores other than the official search engine.
To give us an idea, the security company says that this malware uses the Android Accessibility Service to “take control” of the phone, all showing a request message that would allow it to be added to the list of administrators of the device and become the default message manager. After this move, BankBot will be able to send an SMS with a specific text to any other number, extract the text messages and send them to the attacker, open links, steal data such as phone call information.
BankBot steals our financial data
In addition to this, as it was specifically developed to steal bank data, this is malware that can display fake input forms for us to type in the login credentials of our banking applications. Thus the phishing attack requests the details of the credit cards and also blocks the installation of anti-virus applications that could prevent their own functions from running. Since Dr Web claims that this malware was aimed primarily at Android users in Turkey, but ultimately the attack has spread across much of Europe and the United States.
Keep in mind that Android.BankBot.211.origin can attack users of any application since cyber criminals just have to update the configuration file with the corresponding program list. Finally, we will say that eliminating this malware is possible by deleting its entry from the list of device administrators and then scanning the system with an antivirus that detects the infection and eliminates it.