Read Time:1 Minute, 48 Second
SOVA Android Banking Trojan has made an unforeseen comeback with advanced capabilities and increased targets.
Australia, China, Brazil, India, the Philippines, and the U.K are on target. Reports from the Italian cybersecurity firm Cleafy have claimed a threatening revival of the SOVA Android Banking Trojan with upgraded capabilities. Up from 90 apps when it started, it can now target up to 200 mobile applications, banking apps, crypto exchanges, and wallets.
The SOVA Android Banking Trojan first appeared in 2016 and was used in several high-profile attacks. In 2017, the SOVA Android Banking Trojan was used in an attack on a central bank in Russia. It has also been used in attacks on banks in Ukraine and Turkey.
The SOVA Android Banking Trojan has been seen targeting several new countries, including the United States, Canada, Australia, and the United Kingdom. The SOVA Android Banking Trojan is believed to be responsible for several recent attacks on financial institutions in these countries.
In September 2021, it struck the financial and shopping apps from the U.S. and Spain. Hackers harvested all the credentials through overlay attacks via Android’s Accessibility services.
The sophisticated piece of malware is constantly evolving. The SOVA Android Banking Trojan has also used a new strategy to steal two-factor authentication codes.
It is also facilitating the foundation for another malware called MaliBot. The goal is to target cryptocurrency wallets and online banking users in Italy and Spain. The new variant of SOVA, dubbed v4 by Cleafy, conceals itself within fake applications by featuring logos of legitimate apps to deceive users into installing them.
The latest update has strengthened the malware by leveraging its wide-ranging permissions to deflect uninstallation attempts. It will redirect the victim to the home screen and display a toast message, “This app is secured.” A ransomware component is expected to be incorporated in the next iteration. The continuous advancement will make SOVA a formidable threat in the mobile threat landscape.
“It strongly leverages on the opportunity that has arisen in recent years, as mobile devices became for most people the central storage for personal and business data,” reported by the researchers.
Happy
0 %
Sad
0 %
Excited
0 %
Sleepy
0 %
Angry
0 %
Surprise
0 %
0
0
