Latest news about Bitcoin and all cryptocurrencies. Your daily crypto news habit.
Mobile users haveĀ quickly become a favorite target among cybercriminals. That is not entirely surprising, sinceĀ there are more smartphones in existence than there areĀ computers or laptops. A popular new Android malware is being openly sold on Russian hacking forums and has security researchers concerned. Svpeng is a well-known banking Trojan thatĀ is quite powerful.
Svpeng Android Banking Trojan Is a Big Problem
There is no shortage of malware inĀ the Android ecosystem. Criminals have beenĀ attacking theĀ operating system with all kinds of threats, including banking Trojans, keyloggers, info stealers, and others. Svpeng is just one of these threats, but it is extremely concerning. ThisĀ banking Trojan only just started making the rounds last month andĀ has already claimed several victims. Its rapidĀ success is rather remarkable.
Svpeng has just received a major upgrade makingĀ the malware an even bigger threat. There is a major distribution campaign linked to this Android banking Trojan right now. The updated malware is being sold across Russian hacking forums atĀ a very low price. Giving more people access to powerful banking Trojans such as this one will only cause more problems for consumers all over the world in the long run.
The story of Svpeng itself is pretty strange. It is one of the oldest Android malware families known to date, yet it has never amounted to much until recently. It was the first banking Trojan to employĀ tactics such as stealing money through SMS-based account management services, overlaying fake login screens, and introducing new ransomware features. Considering how Svpeng has been around since 2013, it shows that at least one person has been keeping tabs on this banking Trojan and has added new features in the process.
Svpengās most recent update includes a keylogger. This means the malware can successfully record anything the user types on his or herĀ device without being aware of it. Interestingly enough, this is all made possible thanks to the Android Accessibility feature, which is used by other malware types as well. It means that most Android users would never know they wereĀ dealing with this banking Trojan in the first place, sinceĀ there is no indication it is even active on the device.
Distribution of Svpeng occurs in creativeĀ ways as well. Right now, it is being distributed as an Adobe Flash application for the Android ecosystem. The previous versions of this banking Trojan were often distributed through malvertising, which has been a powerful tactic to get malware onto as many devices as possible. It appears that the new distribution campaign targets users on a global scale, allowing the developers to steal financial credentials from dozens of major banks in variousĀ countries.
The fact that this malware is now actively sold on Russian hacking forums will only further complicate the situation. It is being advertised as the CryEye banking Trojan, although that is not its official name. So far, however, there is no real reason to panic, as the seller has not yet gained the trust needed to generate significantĀ sales. That situation couldĀ change instantly, though. Experienced users know that this is the new version of Svpeng, not a new banking Trojan altogether.
Disclaimer
The views and opinions expressed in this article are solely those of the authors and do not reflect the views of Bitcoin Insider. Every investment and trading move involves risk - this is especially true for cryptocurrencies given their volatility. We strongly advise our readers to conduct their own research when making a decision.