News Security

Android smartphone users vulnerable to EventBot banking virus

Android smartphone users vulnerable to EventBot banking virus
  • PublishedMay 15, 2020

The COVID-19 is at its extreme peak in India. However, things are not in a good direction for the digital world as well because of the eruption of the new EventBot banking virus on Android smartphones. According to Indian Computer Emergency Response Team (Cert-In), a new banking virus named EventBot is currently spreading rapidly among vulnerable Android smartphone users in India. The Eventbot banking virus automatically steals data from banking and other financial apps. Moreover, the virus gains control over the victim’s device and reads the stored PIN.

The EventBot banking virus is a mobile banking trojan and infostealer, which leverage the loopholes in Android’s integrated accessibility features. The virus steals user data from financial applications including the ability to read and intercept SMS messages. The malware bypasses two-factor authentication.

Affected Services

The EventBot is designed to target over 200 banking apps, money transfer services, cryptocurrency wallets, and other financial apps. The virus will target Barclays, CapitalOne UK, Paypal Business, Coinbase, paysafecard, Revolut, HSBC UK, UniCredit, TransferWise, and much more.

Crush into Android smartphones

Android smartphone users in India will be likely affected by this new banking virus. It will take few days for the virus to become active globally similar to that of the COVID-19. The EventBot virus makes use of several icons to masquerade as legitimate apps such as Microsoft Word, Microsoft Excel, and Adobe Flash.

You will download the real-look like third-party apps and the virus will sneak into your device without your knowledge. The banking virus is capable of retrieving notifications of other apps and content including the ability to read LockScreen and in-app PIN. The hackers will be able to gain more control over the victim’s devices over the period of time.

How to avoid EventBot banking virus?

The Cert-In has issued an advisory for the users not to download and install any app from third-party websites and other untrusted sources. The apps should only be downloaded directly from Google Play Store. You should verify developer name, total number of downloads, user reviews, and other additional information. Moreover, you should regularly update Android by installing the patches provided by the manufacturer. You should ideally eliminate old smartphones and invest for the latest Android smartphone. You should always install the app provided by your banking provider directly from the Google Play Store. If you receive an app in the form of .APK file, you should not proceed further with the installation. The Google Play Store should be the sole destination for the installation of apps. Make sure to update the app from the Play Store once in a while.

Written By
Anand Narayanaswamy

Anand Narayanaswamy is the founder of Android Rules and is an active blogger and social media influencer. Anand had contributed several articles for various publishers across the world. He is also an active contributor to a popular India-based technology magazine. He also works as a social media influencer for various popular brands. Anand can be reached at netans@gmail.com

Leave a Reply

Your email address will not be published.