Android RAT wipes out your financial accounts and then wipes your phone destroying all evidence

0
44
Self-proclaimed “fraud hunters” at Cleafy Labs are very concerned with a new Android malware called BingoMod, the latest Android RAT (Remote Access Trojan). BingoMod’s goal is to transfer money out of Android devices. Once that is accomplished, the malware wipes the phone adding a new dimension to the attack. 
The money transfers are accomplished using On Device Fraud (ODF) which Cleafy Labs says will “bypass bank countermeasures used to enforce users’ identity verification and authentication, combined with behavioral detection techniques applied by banks to identify suspicious money transfers.” Once installed on an Android phone, BingoMod obtains various permissions including Accessibility Services allowing it to grab sensitive information. Money transfers are made in amounts up to 15,000 EUR ($16,193 USD).

The malware can grab users’ credentials, SMS messages, and current account balances. After funds are transferred out of the phone, the infected device is completely wiped eliminating all traces of BingoMod from the phone. How does BingoMod end up on an Android handset? The process starts when a device owner is tricked into installing an app that pretends to be (quite ironically) anti-virus software. The app, as previously noted, asks for permission to access Accessibility Services. If the app gets this green light, it releases its payload which is aimed at the user’s financial accounts.

The attack targets devices running three languages: English, Italian, and Romanian. Once installed and has access to Accessibility Services, the malware runs in the background and intercepts SMS messages, and tracks the keys pressed on the phone’s virtual keyboard. With this stolen data, the attackers can figure out the credentials needed to log in to victim’s financial accounts via banking, securities, and credit card apps installed on the targeted handset.

To protect itself, BingoMod makes it hard to edit system settings on the targeted device. It also will prevent certain apps from running certain features, and will even uninstall other apps to help it escape detection.

Cleafy says that BingoMod isn’t as sophisticated as other Android trojans such as banking malware SharkBot. But the “fraud hunters” worry that the attack “poses significant risks to end-users and financial institutions due to the potential for substantial economic loss and the disruption of personal data security.”

Maybe life won’t be as much fun for you if you don’t sideload apps on your Android phone, but you might save yourself the worry and concern about having your financial accounts accessed by online thieves. In addition, even if you limit your app browsing to the Google Play Store, you should download apps only from developers that you are familiar with.


👇Follow more 👇
👉 bdphone.com
👉 ultraactivation.com
👉 trainingreferral.com
👉 shaplafood.com
👉 bangladeshi.help
👉 www.forexdhaka.com
👉 uncommunication.com
👉 ultra-sim.com
👉 forexdhaka.com
👉 ultrafxfund.com

LEAVE A REPLY

Please enter your comment!
Please enter your name here