As we stay home during COVID-19, mobile banking has become an integral part of our lifestyle. Almost everyone is forced to use banking on their computers, phones or apps. While this is convenient, it also comes with potential risks attached.
WHAT’S THE RISK?
The recently discovered “EventBot”, is an Android banking trojan. It’s a revolutionary step in the world of mobile banking.
Using Android’s accessibility features, EventBot is designed to steal personal and confidential information from the accessed systems.
The newly identified trojan also possesses the ability to intercept messages and can skip through the ever so secure “two-factor authentication” method.
DAMAGE SO FAR
PayPal, Barclays, HSBC, Santander Bank and other more than 200 financial institutions have been on the target list of EventBot. The targeted organizations not only operate in the United States, but around the world including Europe and Asia.
HOW DOES IT MAKE EventBot A BIG DEAL
Unlike other malware and cyber threats, EventBot has shown a history of evolution discovered by researchers. Identification of these updates has shown major improvements in the software, adding new features with each update makes EventBot as the next level mobile threat powerhouse.
Australian financial institutions like Bank of Melbourne and Commonwealth Bank of Australia recently reported cyber attacks from “Mandrake Spyware” significantly targeting the mobile banking of these institutions.
Approximately 800,000 users from Russian banks became victims to “Geost”, an Android banking trojan in March 2020.
SUGGESTED GUIDELINES
Pay close attention to the authenticity of any app you may download on your device. Ensure that the app is downloaded directly from Google Play and not from any unknown webpage. Strictly deny if the app requests permission to access text messages. In a sensible world, NO mobile banking app needs access to your text messages or emails. It’s a red flag right there. Do not download unnecessary phone cleaners or performance enhancers that may download malicious files on the device.
