Fresh Android malware targeting mobile banking customers has been discovered by cyber security firm Sophos Labs.
The malware dubbed Invisible Man is a keylogger that lurks in the Google Play Store as a bogus update for Adobe’s Flash Player.
Once downloaded, Invisible Man exploits permissions to accessibility settings whereby it then gains control over functions such as creating invisible overlays on banking apps and setting itself up as the default messaging app.
With such access the malware can suck up usernames and passwords by intercepting keystrokes.
Invisible Man also pops up an overlay on the Play Store to trick users into inputting their credit card details, which it then snatches.
Given Invisible Man lurks behind Flash, which has long been a vector for spreading malware and executing cyber attacks, the solution to avoiding such malware problems is to stay away from downloading and installing unknown apps, especially those claiming to deal with the soon to be completely defunct software.
That being said, there has been a surge in banking malware across Europe this year, so simply avoiding Flash might not be keep you completely safe, and being vigilant of spam and phishing attacks will also be needed to defend against such cyber threats.
Quiz: What do you know about cyber security in 2017?
Major Taiwan chip assembly and test firm KYEC to sell Jiangsu subsidiary, exit mainland China…
Tesla makes key advances toward advanced self-driving rollout in China as chief Elon Musk meets…
New UK rules bring in basic security requirements for millions of internet-connected devices, aiming to…
Google parent Alphabet sees market capitalisation surge over $2tn on plan to over first-ever cash…
Google asks Virginia federal court to dismiss case brought by US Justice Department and eight…
Snapchat parent Snap reports user growth, revenues in spite of tough competition, in what may…