Home / Technology / New Android Malware Silences Phones, Drains Accounts
New Android Malware Silences Phones, Drains Accounts
28 Nov
Summary
- Advanced Android malware can silence phones and steal financial data.
- It impersonates legitimate apps to trick users into granting permissions.
- Malware targets banking apps in Vietnam, Malaysia, Indonesia, and India.
Android users face an escalating threat from financial malware, with the latest variant, BankBot YNRK, exhibiting advanced capabilities. This malware can mute device notifications, capture sensitive information from banking applications, and automate cryptocurrency transactions. It operates by hiding within fake applications that mimic legitimate digital ID tools or even Google News, ensuring users remain unaware while it performs malicious background activities. The primary targets include banking apps in Vietnam, Malaysia, Indonesia, and India, alongside various global cryptocurrency wallets.
Once installed, BankBot YNRK seeks Accessibility Services permissions, allowing it to control the device's interface as if it were a user. This enables it to press buttons, read screen content, and bypass security prompts. It also elevates itself to a Device Administrator, making removal difficult and ensuring its persistence. By monitoring the clipboard, it can steal copied OTPs, account numbers, or crypto keys, and can even reroute incoming bank verification calls.
Protecting against such threats requires vigilance. Key preventive measures include installing robust antivirus software, avoiding downloads from unofficial sources, and maintaining up-to-date system and app versions. Utilizing password managers for unique credentials and enabling two-factor authentication adds crucial layers of security. Regularly reviewing app permissions and uninstalling unfamiliar applications are vital steps to mitigate the risks posed by advanced mobile malware like BankBot YNRK.
