March 25, 2023

A newly discovered Android trojan Dubbed S.O.V.A, a banking malware comes with myriad features to steal credentials and session cookies through web overlay attacks, log keystrokes, hide notifications, and manipulate the clipboard to insert modified cryptocurrency wallet addresses, with future plans to incorporate on-device fraud through VNC, carry out DDoS attacks, deploy ransomware, and even intercept two-factor authentication codes.

Attacks involves the theft of confidential user information using malware that overlays its own windows on top of another program. The pilfering of valid session cookies is particularly nasty as it allows the criminals to log in and take over accounts from the users without the need for knowing the banking credentials.

The second set of features, added in the future developments, are very advanced and would push S.O.V.A. into a different realm for Android malware, making it potentially one of the most advanced bots in circulation, combining banking malware with automation and botnet capabilities.

S.O.V.A.’s developers have been advertising the product on hacking forums, looking to recruit testers to trial the malware on a large number of devices and its bot capabilities.

S.O.V.A.is still a project in its infancy, and now provides the same basic features as most other modern Android banking malware, having a big road map ahead

Tags:

Leave a Reply

You may have missed

Github seizes Exposed RSA SSH Key

Github seizes Exposed RSA SSH Key

March 24, 2023
MITRE Risk Model Manager Platform

MITRE Risk Model Manager Platform

March 24, 2023
Pwn2Own Vancouver 2023 -Day 2 Summary

Pwn2Own Vancouver 2023 -Day 2 Summary

March 24, 2023
Pwn2Own Vancouver 2023 -Day 1 Summary

Pwn2Own Vancouver 2023 -Day 1 Summary

March 24, 2023
ServiceNow AI and Security Enhancements in Utah release

ServiceNow AI and Security Enhancements in Utah release

March 24, 2023
LionsGate Exposes User Data

LionsGate Exposes User Data

March 23, 2023
%d bloggers like this: