EventBot Android Malware Steals Your Banking Details, Bypasses 2FA
Android users need to be on their guard as a new piece of malware has been discovered that can drain your bank account of funds.
As TechCrunch reports, the malware is called EventBot, and it was discovered by researchers at security company Cybereason. It’s believed to be a brand new type of Android mobile malware written from scratch with the specific purpose of targeting financial apps. Cybereason has found EventBot can target over 200 different apps used by consumers and businesses in the US and across Europe.
EventBot masks itself as one of several legitimate Android apps in a bid to get installed on a device. As part of that installation, EventBot requests access to Android’s accessibility services, which allows it to operate as a keylogger, as well as asking permission to run in the background. Once it has those permissions, the malware goes to work logging every key press made, reading text messages, and stealing those messages to bypass two-factor authentication (2FA). It gathers all the information required to successfully access your bank, PayPal, money transfer, or crypto-currency accounts and remove funds.
The good news is, EventBot hasn’t managed to make it on to the Google Play Store yet, but it’s new (first appearing in March) and in active development. Cybereason recommends Android users keep Google Play Protect turned on and never to download apps “from unofficial or unauthorized sources.” In other words, use common sense and stick to the Play Store to remain safe.