New Android trojan EventBot steals user data from over 200 financial apps

A new type of Android mobile malware targeting mobile banking by stealing user data and bypassing two-factor authentication has been identified by security researchers.

According to Cybereason Nocturnus, the new banking trojan and infostealer named EventBot is abusing Android’s accessibility features to steal user data from over 200 different financial apps, read user SMS messages and steal them to bypass two-factor authentication.

EventBot, which emerged around March 2020, targets apps across the US and Europe, including Paypal Business, Revolut, Barclays, UniCredit, CapitalOne UK, HSBC UK, Santander UK, TransferWise, Coinbase and paysafecard. Of the 200 on the target list, 111 were other global financial applications for banking and credit card management, money transfers, and cryptocurrency wallets and exchanges.

Cybereason noted that while the trojan is brand new, it has the potential to become “the next big mobile malware” as it is going through iterative improvements to abuse a critical system failure.

EventBot masquerades as legitimate Android apps such as Adobe Flash and Microsoft Word and will most likely be uploaded to rogue APK stores.

Commenting on the discovery of EventBot, Sam Bakken, Senior Product Marketing Manager at security and anti-fraud solutions provider OneSpan, said: “Under the current lockdown situation, being able to offer a secure mobile banking experience has never been more important, so it’s worrying to see the emergence of a new banking trojan targeting banking apps in the US and Europe.

“It’s clear that financial institutions can’t rely on their customers’ mobile devices to be secure, whether they’re Android or Apple. Instead they should take a layered approach to mobile attack prevention, which includes strong mobile security, user-friendly authentication and continuous risk monitoring. Investing in sophisticated in-app protection and app shielding will harden their apps and empower them to protect themselves in hostile environments.”

Cybereason also made a number of security recommendations: keep the mobile device up-to-date with software updates, keep Google Play Protect on, use mobile threat detection solutions and do not download mobile apps from unofficial or unauthorised sources.

Furthermore, the security researchers said to always apply critical thinking when considering whether to give an app the permissions it requests and, when in doubt, to check the APK signature and hash in sources like VirusTotal before installing it on the device.
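To illustrate the permission and hash checks recommended above, the following sketch (an added example, not code from Cybereason or the original article) computes an APK's SHA-256 for a manual lookup on a service such as VirusTotal and flags manifest strings tied to the behaviours described here: accessibility-service use and SMS access. The function names, the permission list and the sample file are assumptions constructed for the example.

```python
import hashlib
import io
import zipfile

# Permission names linked to the behaviours the article describes
# (accessibility abuse, SMS reading). The selection is an assumption.
RISKY_PERMISSIONS = (
    "android.permission.BIND_ACCESSIBILITY_SERVICE",
    "android.permission.READ_SMS",
    "android.permission.RECEIVE_SMS",
)


def triage_apk(apk_bytes):
    """Return the file's SHA-256 and any risky permission names in its manifest."""
    report = {"sha256": hashlib.sha256(apk_bytes).hexdigest(), "flags": []}
    try:
        with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
            manifest = apk.read("AndroidManifest.xml")
    except (zipfile.BadZipFile, KeyError):
        # Not a zip archive, or no manifest: treat as suspicious in itself.
        report["flags"].append("unreadable-or-missing-manifest")
        return report
    for name in RISKY_PERMISSIONS:
        # Compiled manifests keep strings as UTF-16LE or UTF-8; search both.
        if name.encode("utf-16-le") in manifest or name.encode("utf-8") in manifest:
            report["flags"].append(name)
    return report


def build_sample_apk(permissions):
    """Constructed stand-in for an APK: a zip holding a fake UTF-16LE manifest."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        body = "\x00".join(permissions).encode("utf-16-le")
        archive.writestr("AndroidManifest.xml", b"\x03\x00\x08\x00" + body)
    return buf.getvalue()


if __name__ == "__main__":
    sample = build_sample_apk([
        "android.permission.INTERNET",
        "android.permission.RECEIVE_SMS",
        "android.permission.BIND_ACCESSIBILITY_SERVICE",
    ])
    result = triage_apk(sample)
    print("SHA-256 to look up:", result["sha256"])
    for flag in result["flags"]:
        print("review before installing:", flag)
```

A flagged permission is a prompt for closer review rather than proof of malice, since legitimate accessibility and messaging apps request the same permissions.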
