Jump to content
  • Sign Up
×
×
  • Create New...

Cybersecurity firm warns Android users to watch out for money-draining malware


Pelican Press
 Share

Recommended Posts

This is the hidden content, please

Cybersecurity firm warns Android users to watch out for money-draining malware

data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///ywAAAAAAQABAAACAUwAOw==

Researchers at cybersecurity company Cleafy are warning people about new Android malware that can steal money from their bank accounts. It’s called BingoMod and is a type of remote access *******, or RAT for short. Cleafy discovered it back in May 2024 and recently published a 

This is the hidden content, please
This is the hidden content, please
explaining how the malware operates. As you read the post, you’ll quickly realize just how threatening it is.

According to Cleafy, the bad actors behind BingoMod engage in “smishing” campaigns.

This is the hidden content, please
is a portmanteau of “SMS” and “phishing” and is normally a “social engineering *******” that utilizes fake text messages to trick people into downloading malware. In this instance, BingoMod takes the form of a “legitimate antivirus” app. 

It’s gone under several names: Chrome Update, InfoWeb, Sicurezza Web, WebInfo, and more. Plus, as

This is the hidden content, please
, the malware has even taken the logo for the legitimate AVG Antivirus & Security tool as its own. 

Upon installation, BingoMod instructs users to “activate Accessibility Services” to enable the security software. However, in reality, it gives the malware permission to infect a device. 

Remote ******

BingoMod then functions discreetly in the background, stealing login credentials, taking screenshots, and intercepting texts. Since the malware is so deeply integrated within a smartphone’s system, bad actors can control it remotely “to perform on-device ******” or ODF. It is here where the malware begins to send fraudulent transactions from the infected device to an outside location.

A phone’s security system can’t stop this process because BingoMod not only impersonates users but also disables said system. Cleafy states the malware is able to “uninstall arbitrary applications,” preventing security apps from detecting its presence. Once all these obstacles are gone, the threat actors can, at any time, wipe out all the data on the phone in one fell swoop.

If that’s not enough, an infected device could be used as a jump-off point to spread the malicious software further via text messages.

How to prevent being infected

It is a scary situation, but what’s scarier is whoever is behind BingoMod is still actively working on it. Cleafy says the developers are looking for ways to “lower its detection rate against AV solutions.”

We only scratched the surface, so we highly recommend reading the report, which goes into deeper detail. The writers included pictures of the software’s code and some of its commands. Additonally, they found evidence indicating the person behind it all may be based in Romania, although they have help from developers across the world.

To protect yourself, the best thing you can do is not click any links from unrecognized or unverified sources. Be sure to download apps from reputable platforms such as the

This is the hidden content, please
Play Store.
This is the hidden content, please
told BleepingComputer that Play Protect is capable of detecting and blocking BingoMod, which is great, but we still strongly suggest exercising your due diligence.

For more robust protection, check out TechRadar’s list of the best password managers for 2024. 

You might also like



This is the hidden content, please

#Cybersecurity #firm #warns #Android #users #watch #moneydraining #malware

This is the hidden content, please

This is the hidden content, please

Link to comment
Share on other sites


Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.

Important Information

Privacy Notice: We utilize cookies to optimize your browsing experience and analyze website traffic. By consenting, you acknowledge and agree to our Cookie Policy, ensuring your privacy preferences are respected.