An Android malicious program has emerged, with new capabilities that make it more powerful and more dangerous for a wider range of users. It is originally a banking application, but its new capabilities make it target phones more seriously, other than stealing users’ money and credit information.
The “Sova Android” banking malware first appeared for sale in underground markets in September of last year, with its creator stating that it is still in development, but then researchers discovered that it was able to harvest usernames andpasswords Through “keylogging” and stealing cookies, and adding false information to a range of other applications, according to “ZNet”.
The capabilities of the malware are large and manifold
Cybersecurity researchers at the company “Cleafy” to prevent fraud through InternetSova has been updated with a host of new capabilities, including the ability to emulate more than 200 banking and payments apps, the ability to target cryptocurrency wallets, as well as hardware encryption with ransomware.
This raises the possibility that victims not only lose information including bank details, passwords and other personal data that was secretly stolen by the Trojan malware, but also that their files become encrypted, unless they surrender to the hacker and pay a ransom.
New updates increase the ability of the malware
What makes this software different is that it is still uncommon and takes strong advantage of the opportunity that has arisen in recent years, as most people’s mobile devices have the ability to centralize personal and business data.
The latest update also allows attackers to take screenshots from the device and even record from an infected smartphone, and Sova has been updated with new capabilities several times in recent months, including the ability to intercept MFA tokens, allowing attackers to steal information. Even if the account is protected with an additional recommended defense layer.