A DANGEROUS new malware that targets Android devices has been uncovered by cybersecurity experts.

In 2021, researchers discovered a malware designated ERMAC that was attacking Android devices.

A dangerous new malware that targets Android devices has been uncovered by cybersecurity experts.

1

A dangerous new malware that targets Android devices has been uncovered by cybersecurity experts.Credit: SOPA Images/LightRocket via Gett

Now, cybersecurity experts from ESET have found that a new version of the Banking trojan – dubbed ERMAC 2.0 – is active.

The malware targets Android devices via 467 apps that steal users’ credentials and bank information.

ERMAC 2.0 does this by impersonating popular and genuine apps, according to cybersecurity experts.

Cyble Research Labs also found that threat actors can rent the malware for a hefty monthly fee of $5,000.

China starts 'cyber-espionage battle' on Russia with malware plot, report claims
Android warning over 'Joker' malware as users are told to delete seven apps NOW

ERMAC 1.0, which was discovered officially in August 2021, utilized 378 apps and was being rented for $3,000 a month.

“We have observed that the ERMAC 2.0 is being delivered through fake sites,” Cyble Labs noted in a blog post.

The experts added that EMRAC 2.0 also spreads through fake browser update sites.

How does it work?

Once someone installs ERMAC 2.0 via a fraudulent app, the malware requests as many as 43 permissions from their device.

Most read in Tech

These permissions, if granted, may enable the bad actors to take full control of a victim’s device.

Other permissions can get the hackers SMS access, contact access, system alert window creation, audio recording, or full storage read and write access.

Certain permissions can also create a list of apps installed on the victim’s device and share that data with the hacker’s C2 server, according to Tech Radar.

This can result in a complex phishing scheme that harvests the user’s data whenever they try to log onto the affected app.

Some phishing pages being used to trick the victims include banking applications such as Japan’s bitbank, India’s IDBI Bank, Australia’s Greater Bank, and Boston-based Santander Bank, per Phone Arena.

How to protect yourself

Several restrictions placed on Accessibility Service abuse protect devices running Android 11 and 12, according to BleepingComputer.

Texas shooter's haunting last conversation with mom & odd 18th gift revealed
Little People's Zach & Tori Roloff reveal if newborn son Josiah has dwarfism

However, users are still advised to avoid downloading apps from outside Google’s Play Store.

Even if an app is on Google’s Play Store, users should remain vigilant about its legitimacy.

We pay for your stories!

Do you have a story for The US Sun team?

This post first appeared on Thesun.co.uk

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

15 Best Deals: Cameras, Binoculars, and Green Home Goods

This week we’ve got deals to help you spruce up your home,…

9 Resources to Make the Most of Generative AI

The recent wave of generative artificial intelligence services, from ChatGPT to Midjourney,…

China’s Probes Into U.S.-Listed Tech Companies Jolt Investors

HONG KONG—China’s regulatory probes into three technology companies shortly after their U.S.…

New Verdansk ’84 map REVEALED in huge Call of Duty Warzone Season 3 update

AU REVOIR, nuked Verdansk – and bonjour to Verdansk ’84. Call of…