Thursday, Sep 24, 2020 | Last Update : 02:24 PM IST

184th Day Of Lockdown

Maharashtra122438091634833015 Andhra Pradesh6317495518215410 Tamil Nadu5473374919718871 Karnataka5268764233778145 Uttar Pradesh3588932895945135 Delhi2492592133045014 West Bengal2283021989834421 Odisha184122149379763 Telangana1726081419301042 Bihar169856155824870 Assam159320129130578 Kerala13863398720554 Gujarat1247671051913337 Rajasthan116881972841352 Haryana113075908841177 Madhya Pradesh108167836182007 Punjab99930754092860 Chhatisgarh8618347653680 Jharkhand7267358543626 Jammu and Kashmir65026421151024 Uttarakhand4177729000501 Goa2875322726360 Puducherry2319118065467 Tripura2227215441245 Himachal Pradesh124387836125 Chandigarh102987411123 Manipur9010683859 Arunachal Pradesh7385540813 Nagaland5544445110 Meghalaya4733252838 Sikkim2447190529 Mizoram158510120
  Technology   In Other news  03 Aug 2017  Mobile trojan Svpeng turns keylogger and steals through services for disabled users

Mobile trojan Svpeng turns keylogger and steals through services for disabled users

DECCAN CHRONICLE
Published : Aug 3, 2017, 8:32 pm IST
Updated : Aug 3, 2017, 8:32 pm IST

The modified Trojan steals entered text such as banking credentials by abusing Android’s accessibility services.

This approach also allows the Trojan to grant itself other permissions and rights and to counteract attempts to uninstall it. The researchers warn that simply keeping device software up to date does not protect against this Trojan.
 This approach also allows the Trojan to grant itself other permissions and rights and to counteract attempts to uninstall it. The researchers warn that simply keeping device software up to date does not protect against this Trojan.

Kaspersky Lab experts have uncovered a new variant of the Svpeng mobile banking Trojan that features keylogging functionality, a technique more commonly associated with targeted threat actors. The modified Trojan steals entered text such as banking credentials by abusing Android’s accessibility services. This approach also allows the Trojan to grant itself other permissions and rights and to counteract attempts to uninstall it. The researchers warn that simply keeping device software up to date does not protect against this Trojan.

In July 2017, Kaspersky Lab researchers discovered that Svpeng had evolved to abuse this system feature to steal entered text from other apps on the device and grant itself a number of additional rights.

 

The Trojan is distributed through malicious websites as a fake flash player app. Upon activation, it asks for permission to use accessibility services. By abusing this single feature, it can achieve all of the following: access the UIs of other apps and take screenshots every time a key is pressed on the keypad, logging data such as banking credentials. It can give itself device administrator rights and the ability it to draw over other apps. The ability to overlay is needed because some apps, mainly banking ones, do not allow screenshots to be taken when they are on top. In such cases, the Trojan draws its phishing window over the app instead. The researchers uncovered a list of phishing URLs targeting the banking apps of leading European retail banks.

 

Further, it can install itself as the default SMS app, send and receive SMS, make calls, and read contacts, and block any attempts to remove device administrator rights – thereby preventing its uninstallation. The Trojan’s malicious techniques work even on fully updated devices, which have the latest version of Android OS and all security updates installed.
The Trojan is not yet widely deployed, and overall attack numbers are low. Most of the attacks detected to date are in Russia (29 per cent), Germany (27 per cent), Turkey (15 per cent), Poland (6 per cent) and France (3 per cent). Kaspersky Lab advises users to install a reliable security solution.

 

Kaspersky Lab advises users to install a reliable security solution, such as Kaspersky

Internet Security for Android on their device, to always check that apps have been created by a reputable developer and not to download anything that looks at all suspicious or whose source cannot be verified. Last but not least, to take care when granting apps additional privileges.

Tags: cyberattack, cybercrime