Updated: May 17, 2020 12:25:02 pm
The Indian Computer Emergency Response Team (CERT-In) has issued an advisory warning people against a trojan called EventBot, which can affect Android smartphone users in the country and steal their personal financial information.
According to the cyber-security agency, a trojan is essentially a type of malware that is attached to what seems to be a legit programme. The EventBot is a banking trojan or a banker Trojan that specifically targets the financial apps on the phone and the financial data of its victim.
Banking malware EventBot
The CERT-In advisory said that EventBot is a “mobile-banking Trojan and info-stealer that abuses Android’s in-built accessibility features to steal user data from financial applications, read user SMS messages and intercept SMS messages, allowing malware to bypass two-factor authentication.”
“The EventBot trojan has over 200 different financial applications under its target, including banking applications, money-transfer services, and cryptocurrency wallets, or financial applications based in the US and European region,” the agency added.
CERT-In noted that EventBot has not been spotted on the official Google Play Store as of now but it can “masquerade” as a genuine application to cheat users.
The cybersecurity agency noted that the malware asks for permissions such as “controlling system alerts, reading external storage content, installing additional packages, accessing the internet, whitelisting it to ignore battery optimisation, auto-initiate upon reboot, read and receive SMS messages as well as continue running and accessing data in the background” once it is installed on victim’s Android phone.
How to save yourself from EventBot
CERT-In has suggested certain counter-measures for Android phone users to save themselves from the virus infection. These steps include not downloading or installing applications from untrusted sources like unknown websites or links sent over mail or SMS.
Users should also look at the app reviews, details, number of downloads, and user reviews of an app before downloading from the Play Store. Other security steps include installing an updated anti-virus solution and keeping their phone updated with the latest Android updates and patches. Users should also exercise caution while tapping on URLs and avoid using unsecured or unknown Wi-Fi networks.
“EventBot is a typical malware designed to steal data of financial applications on a victim’s phone. As organisations merge personal technology with corporate devices, these are one of many malware-infected apps that could permeate an organisation’s network,” Adam Palmer, Chief Cybersecurity Strategist at Tenable said.
Express Tech is now on Telegram. Click here to join our channel (@expresstechnology) and stay updated with the latest tech news
“As remote work becomes the norm, we encourage organisations to continually assess their networks for security vulnerabilities as it can help to prevent everything from unauthorised access to applications to identifying underlying software flaws that expose sensitive data,” he added.
📣 The Indian Express is now on Telegram. Click here to join our channel (@indianexpress) and stay updated with the latest headlines