Malicious new apps are stealing bank details – Here’s what to look for

Malicious new apps are stealing bank details - Here's what to look for
© Darkworx | Dreamstime.com

Screen recordings can be very useful when you want to explain something to a friend. A screenshot can also help you remember places, prices or contact details. But when malware records your screen without your knowledge, you are in trouble.

Malware that steals your personal details isn’t anything new. But the concern level gets raised when apps that are perceived to be secure aren’t.

A cybersecurity company recently made a startling discovery: A malware variant that has screen recording and keylogging as its main function. This poses a major threat to users, as all their personal details can be stolen with ease.

Here’s the backstory

The discovery of malware dubbed Vultur was made by security company ThreatFabric in March this year and was shocked to learn of the malware’s capabilities. The company explained that it was the first time they have seen malware operate in this manner.

What makes it rather remarkable, is that Vultur is Remote Access Trojan (RAT) that automatically harvests personal information. It can be scaled by the hackers according to need and targets banking apps along with others including WhatsApp, Viber Messenger, Tik Tok, Facebook and Messenger.

The built-in keylogger captures everything you type and then sends it to a remote server.

But that isn’t all it can do. The main purpose of the malware is to screen record login details to cryptocurrency wallets and banking apps. Most of the bank apps affected are from Spain, Italy, Portugal, the U.K. and Australia. Crypto wallets that Vultur targets include Coinbase, Coinbase Pro, Binance and HitBTC.

What you can do about Vultur

ThreatFabric was able to determine where the malware originates. It became apparent that Vultur is loaded onto the victim’s phone through infected apps in the Google Play Store and is based on an old virus called Brunhilda.

This strain of malware was found in an app called Protection Guard, which had more than 5,000 installations. The company speculates that Brunhilda could have as many as 30,000 victims since infected apps are also available on third-party app stores.

To keep your mobile phone and private data safe, you should always:

  • Avoid third party app stores – Download apps only from the official Google Play Store.
  • Stick to known apps and developers – Only download popular apps or apps with lots of good ratings. Some malicoius apps will have fake reviews boasting of how great it is. Tap or click here for ways to spot the fakes.
  • Always stay updated – Keep your mobile phone’s operating system up to date.
  • Have trustworthy antivirus software – Install a reliable antivirus solution on all of your devices.

We recommend our sponsor TotalAV for your antivirus solution.

Do you use a PC or a Mac? For phones, is it an iPhone or Android? No matter your preference, TotalAV has you covered. It safeguards Windows, Apple Mac and Android gadgets while also keeping your iPhone and iPad running at peak performance.

Go to ProtectWithKim.com now to save 85% on total protection you can trust. What are you waiting for?

Keep reading

Delete these apps! Scanner, messaging and keyboard downloads are hiding malware

Before your next Google search, beware of these spam ads distributing malware

Tags: antivirus software, apps, Australia, cryptocurrency wallets, cybersecurity, Google Play Store, Italy, keylogger, malware, Portugal, Remote Access Trojan, screenshot, Spain, third-party