Hispasec has reported the detection of a new banking malware for Android that appears to belong to a previously unidentified family, after it was analyzed on VirusTotal, Koodous and by Hispasec's own team.
The malware comes in an APK file called TeaTV. TeaTV is a service for watching series and television online without a license; in this case the application is fake, since it is not the service's official app. The file was able to install an accessibility service on the phone to monitor all phone activity, in order to detect when banking applications are opened.
According to Hispasec, the new malware appears to be from a new family. It is a banking Trojan, although it follows the usual strategy of this type of malware when trying to steal data. The malware takes advantage of Android accessibility permissions, which it requests as soon as it is installed. Once it has been granted accessibility permissions, the malware is able to detect button presses, changes in text fields and other events on our phone. What do the attackers get out of this?
As soon as we interact with any element of our device's interface, the malware receives the information associated with it: in other words, it can tell when we have opened a banking application.
https://twitter.com/malwrhunterteam/status/1347185412658388992?ref_src=twsrc%5Etfw
If it detects that we have opened one, it automatically opens a web view with a phishing form to get hold of our login credentials. In addition to injecting the phishing form, the malware sends information about the accessibility events it collects, to keep track of phone activity.
The application, as we indicated, is a fake APK, that is, it does not really belong to TeaTV. If we go to the service's page, we see that the APK offered for download is called teatv_release_310.apk, that is, the name and the version. The infected APK is teatv.apk, a copy of the original app, but with malware.
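A defender can triage a phone for this pattern (a sideloaded app holding an enabled accessibility service) from two standard `adb` queries. The script below is an added example, not code from Hispasec or the original article; the sample outputs and package names are constructed, and treating only Google Play as a trusted installer is an assumption.

```python
"""Flag apps that hold an enabled accessibility service but have no trusted installer.

Inputs are the text output of two adb commands (the samples below are constructed):
  adb shell settings get secure enabled_accessibility_services
  adb shell pm list packages -i
"""
import re

TRUSTED_INSTALLERS = {"com.android.vending"}  # assumption: only Google Play is trusted

def enabled_service_packages(settings_output):
    """Return {package: [component, ...]} from the colon-separated setting value."""
    services = {}
    text = settings_output.strip()
    if not text or text == "null":  # the setting is unset when no service is enabled
        return services
    for component in text.split(":"):
        package, _, _cls = component.partition("/")
        services.setdefault(package, []).append(component)
    return services

def installers(pm_output):
    """Return {package: installer or None} parsed from `pm list packages -i` lines."""
    result = {}
    for line in pm_output.splitlines():
        m = re.match(r"package:(\S+)\s+installer=(\S+)", line.strip())
        if m:
            result[m.group(1)] = None if m.group(2) == "null" else m.group(2)
    return result

def suspicious_accessibility_apps(settings_output, pm_output):
    """Packages with an enabled accessibility service and no trusted installer."""
    inst = installers(pm_output)
    return sorted(pkg for pkg in enabled_service_packages(settings_output)
                  if inst.get(pkg) not in TRUSTED_INSTALLERS)

# Constructed sample output; com.example.* package names are made up.
SAMPLE_SETTINGS = (
    "com.google.android.marvin.talkback/com.google.android.marvin.talkback.TalkBackService"
    ":com.example.faketv/com.example.faketv.MonitorService\n"
)
SAMPLE_PM = """package:com.google.android.marvin.talkback  installer=com.android.vending
package:com.example.faketv  installer=null
package:com.example.bank  installer=com.android.vending
"""

if __name__ == "__main__":
    for pkg in suspicious_accessibility_apps(SAMPLE_SETTINGS, SAMPLE_PM):
        print("review:", pkg)
```

Preinstalled system apps also report no installer, so the result is a list to review rather than a verdict.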
Via | Hispasec
The news item "They detect a new banking Trojan in an application to watch television online" was originally published in Xataka Android by Ricardo Aguilar.