The malware, called EventBot, resembles a legitimate Android app and abuses Android’s in-built accessibility features to obtain deep access to the device’s operating system, according to techcrunch.com.
Once installed, either by an unsuspecting user or by a malicious person with access to a victim’s phone, the EventBot-infected fake app siphons off passwords for more than 200 banking and cryptocurrency apps, including PayPal, Coinbase, CapitalOne and HSBC, and intercepts two-factor authentication text message codes.
With a victim’s password and two-factor code, the hackers can break into bank accounts, apps and wallets, and steal a victim’s funds.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now