Beware of new SOVA malware! It could steal data from Gmail, GPay, and others | Tech News

Beware of new SOVA malware! It could steal data from Gmail, GPay, and others

A new SOVA malware has recently been operationalised by hackers. It packs a new ransomware feature that encrypts files on your mobile.

By: HT TECH
| Updated on: Aug 18 2022, 19:31 IST
Malware
Black Basta Ransomware has attacked 12 companies in just a few weeks. (Pixabay)

A new malware is reportedly being operationalised by hackers that is stealing data from Gmail, GPay and Google Password Manager accounts. Dubbed as SOVA malware, it is spreading to other online platforms such as banking apps and online shopping services. According to reports, hackers use the bugs to send and steal two-factor authentication (2FA) codes so that they can get access to Victims' data. For the unversed, 2FA codes are used to verify that an account is being logged in by the owner only. Though it's believed to be the safest way, hackers use SOVA users to overlay a fake display on a phone's screen so that they can steal usernames, passwords and codes.

The most scary thing about this malware is that it uses fake versions of trusted apps, such as Google's Chrome, Amazon NFT platform or others to enter the device.

You may be interested in

MobilesTablets Laptops
7% OFF
Apple iPhone 15 Pro Max
  • Black Titanium
  • 8 GB RAM
  • 256 GB Storage
23% OFF
Samsung Galaxy S23 Ultra 5G
  • Green
  • 12 GB RAM
  • 256 GB Storage
Google Pixel 8 Pro
  • Obsidian
  • 12 GB RAM
  • 128 GB Storage
Apple iPhone 15 Plus
  • Black
  • 6 GB RAM
  • 128 GB Storage

What is SOVA malware?

Also read
Looking for a smartphone? To check mobile finder click here.

SOVA malware is an Android Banking Trojan that was first discovered last year in September. It steals banking data and 2FA codes. According to Cleafy, until March 2022, SOVA was found to be responsible for 2FA interception, cookie stealing and injecting new targets. However, in July 2022, SOVA (v4) was detected targeting more than 200 mobile applications, including banking apps and crypto exchanges/wallets. Moreover, it contained refactored and improved code to operate more stealthy on the compromised device. Its latest version, 5.0, even adds ransomware to the device. It uses AES encryption to lock all files in the target devices and affix the ".enc" extension on the renamed, encrypted files.

It has recently been spotted actively growing in the UK, USA, Italy, Spain and Germany. In order to protect yourselves from SOVA malware, it is advisable to download apps only from well-known developers and software from trusted sources such as the Google Play Store.

One must avoid downloading or clicking any link received via text message or social media.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 18 Aug, 19:31 IST
NEXT ARTICLE BEGINS