Beware of this Android banking malware and here’s how to protect yourself


Not a week goes by without new malware threatening the billions of Android device users around the world. Among the latest dangers to date, we remember the BRATA malware; capable of spying on customer messages sent via their banking application.

This time, we owe the discovery of the day to computer security researchers at Cleafy. Indeed, these experts have detected the existence of a new malware called “Revive” . For now, the first cases have been in Spain around June 15; but everything indicates that the malware could spread quickly outside Spain’s borders, in particular via phishing campaigns.

Unsurprisingly, the malware does not get its name by chance. It is even a direct reference to its main strength. Indeed, if the malware becomes inoperative, whether through the actions of the user or because of a bug, hackers are able to reactivate it remotely at their leisure. And to strengthen its hold on the infected device. As you will have understood, this makes “Revive” a particularly resistant malware and all the more harmful.

As a banking trojan, “Revive” currently targets users of BBVA (Banco Bilbao Vizcaya Argentaria), a multinational banking group based in Madrid and Bilbao. The operating mode is rather simple, since the hackers have opted for a classic phishing campaign.

Gizchina News of the week

Financial services users are the targets of the new Android banking malware “Revive”

android malware

Indeed, BBVA customers receive fake emails, SMS or messages by WhatsApp supposedly from the banking establishment. They are informed of the launch of a new application; and are invited to download it via a link outside the Play Store or App Store.

Read Also:  Summer of Sports: Your Guide to Euro 2024 & Olympics 2024 with Best Live Streaming Android Apps

During installation, the program requires access to many features; such as being able to observe the touch commands performed on the screen; or even being able to access the microphone and the camera. In this way, the malware can scrutinize all the actions of the victim , including all installed applications.

Note also that “Revive” is able to capture the keystroke and intercept unique code SMS used as part of two-factor authentication. “ When the victim opens the malicious app for the 1st time, Revive asks the user to accept two permissions related to SMS and calls. After that, a clone of the targeted bank’s login page appears, and if the user enters their credentials, they pass to the control server,” the researchers explain.

To protect yourself, the recommendation is simple: never agree to download an application, banking moreover, outside of a secure application store such as the Play Store or the App Store. Updating banking apps will still happen through these stores.

Disclaimer: We may be compensated by some of the companies whose products we talk about, but our articles and reviews are always our honest opinions. For more details, you can check out our editorial guidelines and learn about how we use affiliate links.

Source/VIA :
Previous Nothing Phone (1) Appeared On Amazon Germany: Prices Known
Next WhatsApp is working on setting up 3D avatars for video calls