Eventbot- a new mobile banking Trojan is making the rounds on the Internet, posing threats to online mobile banking apps for Android users. The Government of India’s cybersecurity arm Cert-In has already raised an alarm about this malware and advised security agencies to be alert about its projected spread in India.
Currently, the malware is active in the US and Europe, however, Cert-In has warned that some services may affect Android users in India too.
Let’s understand what Eventbot is and how does it affect users
Eventbot malware is a mobile Trojan that steals private and valuable information from mobile banking and financial apps in Android. It hacks into Android’s in-built accessibility features and steals data by reading into SMSs, banking PINs, etc. and bypasses the two-factor authentication criteria that most banking apps have.
Luckily Eventbot malware isn’t on the Google Play store yet. However, they strike through third-party apps by masquerading as popular apps such as Microsoft Word, Adobe Flash Player, etc. Once inside the Android device they have the capability to read notifications, SMS, Pins, etc. and log in to your banking and financial apps. Over time it can also access notifications on your Lockscreen.
Here are a few points you need to keep in mind about Eventbot
1. These malware have icons similar to legitimate applications like Microsoft world, Adobe Flash Player, etc. making it hard for one to identify the malware
2. At launch, these malware seek permission to enable accessibility service
3. It takes installed application info, device info and sends it to a C&C server
4. These malware have the functionality of stealing SMS, accessing screen lock pin, etc
5. It has evolved in 4 versions so far. Older versions use simple packagename “com.example.eventbot” but the latest versions use complicated package names
Till now Eventbot has infected over 200 different financial applications, like Paypal Business, CapitalOne UK, HSBC UK, Santander UK, TransferWise, Paysafecard, and many more.
How can you stay protected from Eventbot malware
Be extremely cautious of what apps you download on your phone. Refrain from downloading apps that look suspicious or asks too many information details at
the time of installing. Always download apps from legitimate sources like Play Store or App Store.
For enhanced protection of your phone from malware like Eventbot or other similar threats, always use a good antivirus on your phone like Quick Heal Mobile Security for Android.
It will protect your phone from any such vulnerability and will guard you against downloading malicious apps on your phone