Android: dangerous malware detected that steals the passwords to banking applications

New malware is detected on Android. (photo: hypertext)

Android security has a new contender in its malware category: Octo, newly discovered intrusive software that can integrate into any application from the Google Play Store to control the device at any time without the user's knowledge.

Once a device is infected, attackers take control of the phone and steal the passwords of the banking applications the user has installed, as the user enters them.

One of the great advantages of Android is that there are many options for installing new applications, which is also a disadvantage: because of this freedom, there is more risk of installing software that has no good purpose.

This is seen almost every week when new malware appears. The latest has a name: Octo.

Octo can go unnoticed as an update to an app, and breaking into a phone opens the door for attackers to do whatever they want with it.

Research by security firm Threat Fabric revealed how this new malware, a type of bot, is able to infiltrate applications without being detected by the system. Automatically disabling Google Play Protect is one of its first attack measures.

It then overlays apps to log keystrokes, opens a window on the phone and enables remote interaction, none of which the user can notice.

Octo cheat capabilities. (photo: Threat Fabric)

Octo, the name given to the malware by its developer, is part of ExoBot, a type of malware that has evolved since its development in 2016.

Once Octo is integrated into the applications used as a lure, the malware opens a VNC (Virtual Network Computing) session with the attacker's panel to stream the screen, while using accessibility tools to capture and simulate key presses.

Octo Malware. (photo: 20 Minutes)

Because Octo overlays other applications without the user noticing, an attacker can remotely observe how the user enters passwords for banking applications.

The attacker can also follow two-step SMS verification codes, view WhatsApp contacts and see other private information.

Threat Fabric claims Octo has been exploited in a variety of apps, some on Google Play, and that it aims to break the security of most banking applications, an indication of the enormous danger of this malware.

Malware Octo steals passwords from banking apps on Android. (photo: Five Days)

How to Access Safe Mode to Remove Suspicious Spy Apps on Android

When the phone is rebooted in Safe mode, all third-party apps are disabled, which allows you to remove apps that otherwise could not be removed. Note that this will not work if the malware has root access to the system.

To boot into Safe mode, press and hold the power button until this option appears. On some models, pressing the power button shows the Power off option, and you have to press it again until the Safe mode caption appears, then tap that option.

Android safe mode. (photo: tusexpertosmovil.com)

Then go to Settings and open Apps. You will see a list of all downloaded apps. Check whether any has a strange name or is one you don't remember downloading, and delete it.

Before doing so, run a search to find out what you are about to delete from the device, to avoid uninstalling a useful program whose removal may affect the device's proper functioning.

If a suspicious app cannot be removed, go to Settings/Lock and Security/Other security settings/Device administration and disable the suspicious program's access.

If none of this works, you can make a copy of all the information on the phone and perform a factory reset from the Settings menu.
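The app review above can be narrowed by checking which third-party apps hold an enabled accessibility service, the capability Octo uses to capture and simulate input. This is an added example, not from the original article or from Threat Fabric; it assumes a workstation with adb connected to the phone, and the sample package names are constructed.

```shell
#!/bin/sh
# Flag third-party apps that hold an enabled accessibility service.
# On a real device the two inputs come from:
#   adb shell settings get secure enabled_accessibility_services
#   adb shell pm list packages -3
# Constructed sample values stand in below so the script runs offline.

# $1: colon-separated "package/ServiceClass" entries
# $2: newline-separated "package:<name>" lines (third-party packages only)
flag_third_party_a11y() {
    # adb output may carry carriage returns; strip them before comparing.
    services=$(printf '%s' "$1" | tr -d '\r')
    third_party=$(printf '%s' "$2" | tr -d '\r')
    # An empty value or the literal "null" means no service is enabled.
    case "$services" in
        ''|null) return 0 ;;
    esac
    printf '%s\n' "$services" | tr ':' '\n' | while IFS= read -r entry; do
        [ -n "$entry" ] || continue
        pkg=${entry%%/*}    # keep only the package part of pkg/Class
        # Exact, whole-line match so com.example.a never matches com.example.ab
        if printf '%s\n' "$third_party" | grep -qxF "package:$pkg"; then
            printf '%s\n' "$pkg"
        fi
    done | sort -u
}

# Constructed sample data: TalkBack is a real preinstalled service,
# the com.example.* packages are hypothetical.
SAMPLE_SERVICES='com.google.android.marvin.talkback/com.google.android.marvin.talkback.TalkBackService:com.example.fastcleaner/com.example.fastcleaner.core.A11yService'
SAMPLE_THIRD_PARTY='package:com.example.fastcleaner
package:com.example.notes'

# Prints each user-installed package with an enabled accessibility service.
flag_third_party_a11y "$SAMPLE_SERVICES" "$SAMPLE_THIRD_PARTY"
```

A package that appears in the output and is not an accessibility tool you installed on purpose is a candidate for the Safe mode removal steps.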
