New Android Malware 'EventBot' Targets 200+ Financial Apps
The Indian Computer Emergency Response Team (CERT-In) has issued a warning about a new Android mobile banking malware, dubbed 'EventBot'. This malicious software is spreading through third-party app downloading sites, as it is not available on the App Store. EventBot targets over 200 financial apps, including banking apps, money-transfer services, and cryptocurrency wallets. It steals user data by abusing Android's accessibility features and requests extensive permissions upon installation, such as controlling system alerts and reading SMS messages. The malware can read and intercept SMS messages, allowing it to bypass two-factor authentication, and can also read Lock Screen and in-app PINs, providing attackers with more privileged access to the victim's device. It uses various icons to masquerade as a legitimate app and can retrieve notifications about other installed apps and read contents of other apps. The developer or publisher of EventBot is not explicitly identified. CERT-In recommends preventing infection by not downloading and installing apps from untrusted sources and keeping anti-virus solutions updated. EventBot's ability to read SMS messages and bypass two-factor authentication, along with its targeting of numerous financial apps, makes it a significant threat. Users are advised to be cautious when downloading apps and to keep their devices protected with up-to-date anti-virus software.
Read also:
- Strengthening Defense against Multi-faceted menaces in the Age of Authority-driven Technology
- Industries Under Jeopardy Due to Multi-Accounting: Prevention Strategies Revealed in 2024
- Web3 Esports undergoes transformation as Aylab and CreataChain collaborate for a radical change
- Latest Tech Highlights: Top Gadgets of March 2025
