Vultur Malware Targeting Android Banking Customers

A new malware strain that has been discovered called Vultur and is targeting banking customers using invisible windows and keylogging to capture their banking data on Android phones.

Subscribe
Notify of
guest

1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Sam Bakken
Sam Bakken , Senior Product Marketing Manager
InfoSec Expert
August 3, 2021 2:56 pm

<p>This attack is novel in that it relies on reading and recording a mobile device\’s screen or keylogging to steal a user\’s credentials rather than overlay attacks. Screen-reading and keylogging malware can be less a resource-intensive method than overlay attacks that mimic targeted banks\’ mobile app or mobile website log-in screens. The attack started with a malicious app published on the Google Play Store. While Google does seem to respond to alerts of malicious apps, that\’s no comfort to victims that have already been fleeced of their credentials or funds. A recent report from AV-TEST also showed that Google Play Protect, whose objective is to identify malware, placed last amongst its mobile security app peers. The key takeaway here is that developers/publishers of mobile apps that facilitate payments or other banking activities should not assume their apps and users are protected by the Android operating system or the Google Play Store alone. They need to take additional action with multiple layers of security including strong customer authentication and app shielding which when integrated into a mobile banking app, for example, will continuously monitor the app and shut it down if screenreading or keylogging activity, such as that executed by this Vultur malware, is detected.</p>

Last edited 1 year ago by Sam Bakken
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x