EventBot is a brand new Android malware that targets banking apps and bypasses 2FA

0
175
EventBot is a new Android malware that targets banking apps and bypasses 2FA
We use a number of authentication choices to maintain our delicate data secure from a possible menace. There are ranges of safety accessible to us, together with system-level safety supported by our smartphones and a few third-party apps as properly that assist us in preserving our information within the vault and defend it from any sort of intruders. But on occasion, new invaders arrive and attempt to steal our data in order to benefit from it. One such malware has now been discovered which impacts the Android smartphones and goal banking functions particularly by bypassing even the additional layers of safety.

The identify of this Android malware is EventBot and it has been discovered by the safety researchers’ crew at Cybereason agency. The crew found that the trojan disguises itself as a legit Android app and abuses Android’s accessibility options to ill-treat your information. The crew came upon that EvenBot is utilizing a number of icons to masquerade as a real software. It isn’t at the moment accessible on Play Store but it surely impersonates many icons like Microsoft Word and Adobe Flash to use information.

According to the report from Cybereason, EventBot malware significantly targets delicate data like banking passwords, information from monetary functions. The malware can even bypass the two-factor authentication (2FA), a safety course of that provides an additional layer of safety to make sure the safety of your on-line accounts. The EventBot can learn SMS messages and steal them to unlock the 2FA and thus get deeper entry to your accounts.

Once put in, the EventBot prompts the consumer to provide it entry to accessibility companies and as soon as the permission is granted, it could possibly act as a keylogger and might retrieve notifications about different put in functions.


As per Cybereason’s key findings, the EventBot targets customers of over 200 completely different monetary functions, together with cash switch companies, crypto-currency wallets. Some of those focused functions are Paypal Business, HSBC UK, Coinbase, TransferWise, and plenty of extra. Also, these intruders goal these functions throughout the US, Europe, together with Italy, the UK, Spain, Switzerland, France, and Germany.

The crew says that EventBot is a “brand new” malware and that’s why a matter of their curiosity. According to what the researchers have discovered, the malware is at the moment within the early phases and has actual potential to grow to be the subsequent large cellular malware as properly. The crew discovered that the malware is continually bettering and it has encountered completely different variations of the malware over time because it has quickly advanced and every model is increasing its functionality even additional. In extra up-to-date variations of Android, the EventBot malware even asks for permission to run within the background earlier than deleting itself from the launcher.


The makers behind the malware are unknown and it might take a while to find them and eradicate them utterly. Meanwhile, researchers counsel customers to not obtain any untrusted apps from third-part websites and retailer.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.