EventBot Steals Banking Passwords And 2FA Codes – Experts Insight

By   ISBuzz Team
Writer , Information Security Buzz | May 01, 2020 08:39 am PST

The research team at Cybereason are investigating a new type of Android malware called EventBot, according to their blog. This malware disguises itself as a legitimate Android app, abusing Android’s in-built accessibility features to obtain deep access to the device’s operating system. Once installed, the EventBot-infected fake app siphons off passwords for more than 200 banking and cryptocurrency apps, such as PayPal and HSBC, and intercepts two-factor authentication text message codes.

Notify of
2 Expert Comments
Oldest Most Voted
Inline Feedbacks
View all comments
James McQuiggan
James McQuiggan , Security Awareness Advocate
May 1, 2020 4:44 pm

The Android malware attacks are increasing their level of sophistication to what we see on computer operating systems, like Windows or MacOS. Consumers want to make sure they\’re installing software from reputable sources, like the Google Play Store, and not from websites unless they completely trust them.

Based on the current Android operating system configurations, it is advisable to install an anti-malware program to reduce the risk of malware installation. While it might not detect unknown malware, the known signatures can prevent any known attacks.

Last edited 3 years ago by James McQuiggan
Jake Moore
Jake Moore , Global Cyber Security Advisor
May 1, 2020 4:40 pm

Downloading unknown or low- reviewed apps on the Play Store is fraught with danger. These apps can cause damage to a device or even steal credentials such as passwords and one time passcodes (OTPs). Although this should be avoided, another way to mitigate those OTPs being stolen would be to use an authenticator app instead of relying on text messages for two factor authentication (2FA).

2FA should be used wherever possible, and text message OTPs are still safer than only relying on a password to enter an account. However, the most secure way is to use a complex password, unique for every account, and utilize a free authenticator app such as Google Authenticator to protect your online accounts.

Last edited 3 years ago by Jake Moore

Recent Posts

Would love your thoughts, please comment.x