This wicked new Android malware steals passwords! Know how to protect your phone from this banking Trojan
A vicious new malware has been found by cybersecurity experts which is claimed to be extremely dangerous for the safety of your bank account. This new malicious malware actually steals =passwords of Android users putting their privacy, and security at risk with the potential threat of financial fraud. Surprisingly, the new malware is an upgraded version of the previously found banking Trojan back in 2021. And now, it is active again
Cyble Research Labs reported that it accidentally came across a tweet from a researcher who mentioned ERMAC 2.0 distribution. ERMAC is a banking Trojan for Android that was first spotted in late August 2021, when it was discovered targeting Poland. ERMAC 1.0 had the ability to steal the credentials of 378 different applications. On a cybercrime forum, the Threat Actor was renting it out for $3K each month. Shockingly, Cyble Research Labs revealed that it has recently discovered an improved version – ERMAC 2.0 – is available for hire on underground forums for $5K/month and targets 467 applications for credential theft. Also Read: Shocking! Users getting ads based on private PHONE calls
How does this Android Malware work
The ERMAC 2.0 malware is extremely dangerous for Android phones. Once someone unknowingly installs it via a fraudulent app, then it asks for as many as 43 permission requests. And if these permissions are granted, online fraudsters can take full control of the user's device. Notably, most people grant these permissions while downloading apps. From SMS access, contact access, system alert window creation, audio recording, or full storage read to even access to writing on the device, an online hacker can have full control of your phone. That simply means, that whenever the user tries to log onto any portal, then the hacker can have access to that too. Ominously, it results in the potential risk of leaking banking details. Also Read: Have Apple iPhone? Beware! Hackers targetting you with vicious money-stealing FluBot malware
How to protect yourself from the potential risk of Android malware
- The cybersecurity firm suggests downloading and installing software only from official app stores such as Google Play Store or the iOS App Store. Do not download from unknown websites. Even here, you must be careful and verify more details about the app and its owners as much as is possible.
- Ensure to use an anti-virus and internet security software package for your devices.
- Do not compromise with your password security. Use strong passwords as well as enforce multi-factor authentication wherever possible.
- If your device has features such as fingerprint or facial recognition, then try to use them.
- Beware before opening any links received via SMS or emails.
- Be careful while enabling any permissions. Do read them properly before agreeing.
- Keep checking for the new updates on your devices
- . Never be in such a hurry that you do not pay heed to ordinary safety measures. Hurry always increases danger.