Categories: AndroidTechTutorials

Android malware to steal bank details

What is more worrying is the trend, since so far in 2021 there have been too many malware for our liking, exceeding the average of normal. System Update, Flubot, WhatsApp Rosa and BRATA are some of those that cybersecurity researchers have discovered, and we are only in May.

This is how this banking Trojan works

To be clear and concise, it is a new malware that affects only Android and has been discovered by Cleafy, cybersecurity company. As stated in their report, TeaBot is a banking malware that tries to steal victims’ credentials and SMS messages to access the bank’s data.

By clicking on the link that comes in the text message, a web page very similar to MRW’s is opened and it asks us to let’s install an application from outside the Play Store to track our package.

Once it is installed on the victim’s mobile, attackers can remotely view and control the screen, thanks to the accessibility permission, which allows complete control over the device. These are some of the actions you can take, although the summary is that can control all mobile.

  • Send and intercept SMS messages
  • Read phone status
  • Modify sound settings to silence the phone
  • Show a pop-up about other apps so that we accept permissions
  • It is capable of deleting applications

On a technical level it is very similar to Flubot. TeaBot hides under the name DHL, UPS, VLC MediaPlayer or Mobdro, that is, impersonates other applications. Once we install it, it asks us for accessibility permission and, when it has it, we have already fallen into the trap.

This new banking malware can bypass Google’s malware review system, called Google Play Protect, intercept verification SMS messages sent to us by our bank and even access the codes of the Google Authenticator double authentication.

Avoid downloading Teabot, especially if you are Spanish

TeaBot is attacking all over Europe, with Spain as the main victim, followed by Germany, Italy and Belgium. The researchers say that it is in its early stages of development, so it could behave more aggressively for the next several weeks. That is more worrying than the fact that there is malware circulating.

As we mentioned, or rather as they assure in this company, it is being primed especially with Spain and with the country banks. This makes it much easier for them to access users’ bank details and account to do who knows what with that money.

The solutions are few if you have already clicked on that message and installed the application, beyond taking drastic measures on your bank account and contacting the bank. If that situation has not yet reached you, the arrangement is much simpler.

To avoid falling into this type of malware basically We recommend that you do not install third-party APKs Unless you are clear about its origin and operation. In addition to this, do not give accessibility permissions lightly, since they can completely control your device through it.

Me Time Tech

Recent Posts

Exploring the Top 5 Voice AI Alternatives: What Sets Them Apart?

Exploring the Top 5 Voice AI Alternatives: What Sets Them Apart?

6 months ago

How iGaming Platforms Ensure Seamless Integration of Casino Games and Sports Betting?

How iGaming Platforms Ensure Seamless Integration of Casino Games and Sports Betting?

6 months ago

The Rise of Spatial Computing: Evolution of Human-Computer Interaction

The Rise of Spatial Computing: Evolution of Human-Computer Interaction

10 months ago

Top 10 Benefits of AWS

Top 10 Benefits of AWS

10 months ago

Data Loss on Windows? Here’s How Windows Recovery Software Can Help

Data Loss on Windows? Here's How Windows Recovery Software Can Help

1 year ago

Integrating Widgets Seamlessly: Tips for Smooth Implementation and Functionality

Integrating Widgets Seamlessly: Tips for Smooth Implementation and Functionality

1 year ago