Cybersecurity experts have found a new banking Trojan horse for Android smartphones. It’s called Antidot.
This clever malware pretends to be a real Google Play update app so people will download it.
Once installed, Antidot takes over most of the infected devices, which puts personal and financial information at great risk.
ANYRUN malware sandbox’s 8th Birthday Special Offer: Grab 6 Months of Free Service
Banking Trojan Poses as Google Play Update
Antidot has a lot of powerful and scary skills. Keylogging, overlay attacks, SMS exfiltration, screen captures, and password theft are all things that the malware can do.
It can also control the device and carry out orders its operators send.
With this level of control, attackers can change the device from afar, which could have very bad effects on the target.
According to Broadcom reports, Malware talks to its command-and-control (C2) servers through HTTP or WebSocket connections.
This keeps the flow of information between the offenders and the infected device steady.
Attackers can use this channel to send instructions and receive stolen data, making it a powerful tool for cybercriminals.
A big name in cybersecurity, Symantec, has taken steps to keep users safe from this danger.
The company has put the malware into several groups, such as AdLibrary: Generisk, and Android.Reputation.AppRisk: Generisk for risks that target mobile devices.
Symantec has ensured that all WebPulse-enabled products cover observed domains and IPs linked to Antidot under security groups for web-based threats.
Users should be careful and alert when downloading apps, even from places that look safe, like Google Play.
It is very important to ensure that changes and apps are real before installing them.
Keeping security software up to date and turning on real-time protection can also help lower the risk of getting these kinds of malware.
The ways that hackers do their work are also changing, as is the digital world.
To keep your personal and financial information safe from threats like Antidot, you must stay aware and use strong cybersecurity practices.
Free Webinar on Live API Attack Simulation: Book Your Seat | Start protecting your APIs from hackers