EventBot is a famous android app. This app is famous among users for various reasons. By installing this app, the users can create events inside the Slack. You can also set reminders and time zones on this app. This app also allows users to schedule recurring events. To import and export events with the help of this app are also possible. You can also track the holidays and sick days with the help of this app. Security researchers have sounded the alarm that EventBot is creating some security issues. The main targets of this app are the banking apps and cryptocurrency wallets. According to these researchers, this android app has some in-built accessibility features. With the help of these in-built accessibility features, this app is gaining deep access to the operating system of this device. The key findings of the security researchers are given below;
- According to security researchers, it is a mobile banking trojan because this app is stealing the information. EventBot is stealing the information of the users from the financial applications. This app also reads the SMS in the mobile of the users. After reading the SMS, it will be easy for the users to bypass the two-factor authentication.
- Security researchers have also revealed that this essential app is targeting more than 200 financial apps. In these 200 financial apps, there come banking apps, money-transfer apps and cryptocurrency wallets. The most secured financial apps like PayPal and CapitalOne UK are also facing some security issues from this app.
- They have also revealed that the main target of this app is to steal the banking information of the residents of the European countries. Almost all the banking apps of the European countries are the main targets of this app.
- An interesting thing about this app is that this app is at the initial stage. If we don’t stop it in its initial stage, this app can become a cause of big malware. This app is improving its features constantly. This app is trying to create a critical and abusive operating system to target financial apps.
- When this app was launched, it was not such a dangerous app. After that this app has made some changings and nowadays, this app has become the most dangerous mobile malware for the users.
After installing this app, EventBot will try to get access to your phone either as a malicious user or as an unsuspecting user. This mobile app will try to get access to more than 200 financial apps by two-factor authentication. When they get access to the passwords and two-factor authentication of the users, this app will try to break into the banking app. As a result, they can easily steal the funds of the victims. According to security researchers of a dissertation help company, the developer of this app has spent lots of time and efforts to create the code of this app. That’s why the level of sophistication of this app is very high. It means that it is not an easy task for us to get an idea about the security issues of this app.
The malware of EventBot keeps a record of all the keys and taps of the users. After keeping records of these keys and taps, this app also gets notifications from installed apps in the android phone of the victims. In the background, they can create a window. This window will tell them what’s happening in the mobile phone of the victims. As a result, this app can easily get access to the passwords and two-factor authentication of financial apps. The security researchers have also revealed that in the first two weeks of March, they have seen some malicious activities in this app. With the help of these malicious activities, this app is including new features constantly. As a result, the users are getting notifications of new malware attacks after a few days. The hackers can also get access to the mobile devices of the victims at their servers. To unlock mobile phones, they also steal the password of the users.
They have also tried to know the campaigns behind these apps. At last, they come to know that this malware is brand new. Its reason is that in this malware, they have not found the clues of the copy-paste or code reuse issues. It means that this malware is written from scratch. Anyhow, this kind of malware is not new. Its reason is that hackers and malware attackers constantly create these kinds of apps and they try to steal the private information of the users. Most of the android phone users have financial apps, social media apps and some other kinds of apps. By getting access to these apps, it will be easy for the hackers and malware operators to steal private information and to steal the funds of the victims. Anyhow, these security researchers have also provided some security recommendations. These security recommendations are given below;
- Mobile users should try to keep their mobile devices up-to-date. It is possible only if they keep their mobile devices updated with the latest software updates.
- We have to download mobile apps from the Google Play Store. While downloading apps from the Google Play Store, we should turn-on the protections. After turning-on the protections, you can download the secure apps.
- If someone sends an unauthorized link to download an app, you should not download it. Its reason is that it is an unofficial way to download mobile apps. If you want to download the most legitimate mobile apps, you should visit Google Play Store.
- After downloading a specific app, if it asks you to allow some permissions, you should not click on the ‘Allow’ button instantly. You should take an overview of this app. After taking an overview of this app, if you feel that this app is legitimate, you should click on it.
- If you have some doubts about the legitimacy of a specific app, you should check the APK signature and hash of this app. These things provide you with an idea about the legitimacy of the app.
To enhance the security of mobile apps, you should also find out the best threat detection solutions.