The ability of malware to disguise
Where cybereason discovered that this malicious program has the ability to disguise itself as a legitimate Android application, such as Microsoft’s word or adobe flash, and then abuse the accessibility features included in Android for deep access to the operating system.
When you install any application that includes this applicationFor malware It cleverly steals passwords for more than 200 banking and encryption applications. Examples of these applications are (HSBC) or coinbase and paypal or capitalone, and it intercepts text messages for use in the two-factor authentication feature.
The malicious software confuses security researchers
Researchers at cybereason have said that event bot software is still in the development stage. It was discovered last March and researchers saw the malware evolve repeatedly every few days to include new harmful features, as its developers improved the encryption system used to communicate with the server, as well as They have introduced a new feature that can get the user’s device lock code. The malware has confused security researchers about who is behind this campaign, especially since it is completely new and their advice was to avoid unreliable applications from third-party websites and stores, and each application must be closed separately with a password and check the powers before and after downloading the application and do not install applications from Outside the official store, and don’t click on links you don’t know.