Androids Hit With New Banking Malware
By: Jim Stickley and Tina Davis
October 1, 2024
A new malware aiming at Android devices is getting away with bank robbery and more. For those Android devices v.13 and higher, BlankBot banking trojan is hiding in utility apps. This malware is still developing, but the tricks up its sleeve take total control over your device. Here’s what you need to know about this sneaky, stealthy stealer.
Once BlankBot is downloaded, the robbing and other thievery begins. This banking trojan creates custom, fake overlays stealing a username and password, payment card info, and other personally identifiable information (PII). But it doesn’t stop there.
BlankBot also takes device screen recordings, stealing all videos and images on a screen. It logs keystrokes, meaning everything typed on an infected device gets hijacked. BlankBot also receives commands from a remote server for things like launching and uninstalling apps. It also makes system preferences unavailable.
BlankBot’s Dangerous Downloads
So far, BlankBot is able to sneak past anti-virus protections. However, that shouldn’t stop users from installing anti-virus software and keeping it updated. The real problem behind BlankBot infections begins with downloading.
We know Google Play apps go through malware screening before public release. But BlankBot gets installed via third-party app stores that often don’t screen apps for malware. In this case, downloading apps from third-party stores, called “sideloading,” gives this malware a device to call home.
Smart Downloads
Getting apps from Google Play (or your official app store) is just the beginning of smart downloading. Pay close attention to permission requests during downloads. They pop-up fast, so take the time to consider requests before you agree to them. Infected apps try to sneak-in all types of permissions, so if you’re not sure, don’t agree to them and consider not installing the app.
In a malware-filled world, keeping your device safe from infection takes common sense and cyber-smarts. It’s a one-two punch that’ll help keep you and your device protected from malware like BlankBot.