web analytics

The Octo Android spyware is trying to get its hands on your financial information

Hackers may be able to use your device to commit fraud big props to this new trojan.

The evolution of malicious code packages over time is an interesting aspect of the malware life cycle. Threat actors are seizing something that works and improving or extending it. Exobot, a financial malware family that first appeared in 2016, went after consumers in numerous countries until it mutated into ExobotCompact, a remote access trojan (RAT) with multiple new subtypes, in 2018. Octo, a new RAT that evolved from Exabit but has even more deceitful characteristics, such as the ability to mask the trojan’s activity while turning your phone into a vehicle for fraud, was recently found by cybersecurity researchers.

According to Bleeping Computer, cybersecurity researchers at Threat Fabric discovered Octo after detecting queries for it on the dark web. Octo shares several features with ExobotCompact, including efforts to prevent reverse engineering and coding that makes it simple to hide inside an innocent-looking software on the Google Play Store — as well as the clever method of disabling Google Protect upon download, according to Threat Fabric. According to Threat Fabric, Octo’s on-device fraud (ODF) feature is what sets it unique. While ODF isn’t new to the malware world, it is the feature that sets Octo apart from the rest of the Exobot malware family.

Octo gets into the Accessibility service and sets up what amounts to a live stream from the hacked phone to the attacker’s command and control servers, which is updated every second. Then it uses a black screen and disables notifications to keep the innocent user in the dark about what it’s up to. So, while it appears that your device has been turned off, the malware is having a party and performs a variety of operations such as scrolling, tapping, texting, and cutting and pasting while the screen is blank. Octo also employs keylogging software to monitor everything the hacked user types into the smartphone (such as PINs, social security numbers, and OnlyFans messages), as well as the ability to block and intercept push notifications from specific apps.

Octo is a fitting name for a piece of malware with such frightening versatility. Threat Fabric uncovered an innocent-looking software on Google Play called “Fast Cleaner” that was actually a “dropper” for Octo in campaigns when attackers are already utilizing the malware. Droppers are ostensibly legitimate shells that contain malware payloads. They may even perform as advertised, but they are ultimately deadly pills. “Fast Cleaner” was a popular dropper, according to the cybersecurity site, because it was also used to deliver malware varieties including Alien and Xenomorph.

Malicious software is growing more clever with each new iteration, as both Bleeping Computer and Threat Fabric point out, adding capabilities like multi-factor authentication avoidance. It’s easy to feel utterly exposed in this situation. When it comes to securing yourself and your data, vigilance is essential. Keep up with the latest risks by keeping your device updated with the most recent security patches.

More from author

Related posts

Latest posts

“Global Inflation is Rising” How high will the price of bitcoin rise?

Why did Bitcoin rise in price in the second half of March and how its price will change in the near future? Bitcoin's price fell...

9 Best Micro Investing Apps

We're sure you've considered investing at some point, whether you have a steady full-time job or a side hustle. It's one of the most...

The 5 Best Budget Mechanical Keyboards

The durability and comfort of mechanical keyboards are two of their best features. Unfortunately, these advantages come at a high cost, with most mechanical...

WSJ learns about Meta plans to start large-scale layoffs

At the end of September, the company employed more than 87 thousand people. could fall under the dismissal, the newspaper writes. Management has already...

The Crazy But Surprisingly Useful World of Gaming

Online games are quickly becoming a part of pop culture that everyone plays. The desire for better graphics and more realistic gameplay has led...

New games for 2022 add to your Wishlist now Part 1

The biggest new games coming out in 2022 and beyond on PS5, Xbox Series X, Nintendo Switch, PC, and more. The new games for 2022...

11 Top Apps for Stock Market Enthusiasts in the USA

You've probably heard the term "stock market" around your friends or in the news, but what exactly does it mean? Simply put, the stock market...

12 Ways How To Make Money as a College Student

When it comes to money, most college students do not have much. It makes sense, though, given the size of student loans. Furthermore, the...