By monitoring the dark web, a cyber security company found a new Trojan, named Octo. It says this is a newer, more advanced version of ExobotCompact.D, an evolution of the Exobot malware that was first discovered in 2016.
Like most malware of this type, Octo can record keystrokes to capture information such as credit card numbers. It is also targeted: for specific banks, it displays a fake page over the application that asks the victim to identify themselves. The malware also integrates interception functions: it can block notifications from specific applications and receive commands from the server.
The author can control the smartphone in real time
The main novelty, however, is that the author can now take control of the victim's device. Instead of simply stealing the data and using it later, the author performs the actions directly on the infected device, which reduces the risk of detection. Actions performed from the victim's own device are usually less likely to be flagged as suspicious by the bank or target application.
Octo relies on Android's Accessibility Service to perform remote actions every second. The author can create a script to perform them automatically depending on the application, without having to interact directly with the infected device. The Trojan displays a black screen to hide its actions, and disables all notifications or at least minimizes them.
Fake Apps on Play Store
The Trojan was distributed directly on the Play Store through fake applications containing a dropper, which allows the malware to be installed while evading the Play Store's security checks. To trick victims into installing one of these apps, the criminals used fake pages on the affected sites that told them to download a browser update. One of the applications mentioned, since removed, was Fast Cleaner (vizeeva.fast.cleaner), which was also used to install banking malware. It has been downloaded more than 50,000 times. Other fraudulent applications:
- Pocket Screencaster (com.moh.screen)
- Play Store (com.restthe71)
- Postbank Security (com.carbuildz)
- Pocket Screencaster (com.cutthousandjs)
- BAWAG PSK Security (com.frontwonder2)
- Play Store Apps Installation (com.theseeye5)
This shows the limitations when dealing with this type of malware: because it has access to the smartphone's accounts, it can intercept any received message. The victim does not even notice the problem, as the screen appears to be off. The only defence is a meticulous look at the installed applications.
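
The manual check described above can be scripted. The following is an added example, not code from the original article: it compares `adb shell pm list packages` output with the package names listed above and reports which packages have an Accessibility Service enabled. The sample device output and the function names are constructed for illustration.

```python
# Package names taken from the article above.
KNOWN_OCTO_PACKAGES = {
    "vizeeva.fast.cleaner", "com.moh.screen", "com.restthe71",
    "com.carbuildz", "com.cutthousandjs", "com.frontwonder2", "com.theseeye5",
}

def parse_packages(pm_output):
    """Parse `adb shell pm list packages` output ("package:<name>" per line)."""
    names = set()
    for line in pm_output.splitlines():
        line = line.strip()
        if line.startswith("package:"):
            names.add(line[len("package:"):])
    return names

def parse_accessibility(setting_value):
    """Parse `adb shell settings get secure enabled_accessibility_services`.

    The value is a colon-separated list of <package>/<service class>;
    it is empty or the string "null" when no service is enabled.
    """
    value = setting_value.strip()
    if not value or value == "null":
        return set()
    return {item.split("/", 1)[0] for item in value.split(":") if item}

def audit(pm_output, setting_value, trusted_accessibility=frozenset()):
    """Cross-check installed packages and enabled accessibility services."""
    installed = parse_packages(pm_output)
    a11y = parse_accessibility(setting_value)
    unlisted = a11y - KNOWN_OCTO_PACKAGES - set(trusted_accessibility)
    return {
        "listed_installed": sorted(installed & KNOWN_OCTO_PACKAGES),
        "listed_with_accessibility": sorted(a11y & KNOWN_OCTO_PACKAGES),
        # Not on the list, but holds the permission Octo depends on.
        "accessibility_to_review": sorted(unlisted),
    }

# Constructed sample output, not captured from a real device.
SAMPLE_PM = """package:com.android.chrome
package:com.carbuildz
package:com.example.notes
package:vizeeva.fast.cleaner
"""
SAMPLE_A11Y = "com.carbuildz/com.carbuildz.Svc:com.example.reader/.ReaderService\n"

if __name__ == "__main__":
    for key, value in audit(SAMPLE_PM, SAMPLE_A11Y).items():
        print(f"{key}: {value}")
```

A clean result only means none of the names listed in this article are present; the `accessibility_to_review` entries still need to be checked by hand.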