Smartphone users in the US, UK, and Europe should be careful about the Android banking malware called S.O.V.A. It allows hackers to steal user information, launch keylogging attacks and manipulate incoming notifications. Even worse, it is advertised and redistributed on many hacking forums.
For reference, "Sova" means owl in Russian. The developers behind this malware might have chosen the name because of the bird's ability to stal. As a malware, S.O.V.A unfortunately lives up to its reputation.
Android Banking Malware: S.O.V.A
Malicious actors who use S.O.V.A can launch many types of attacks on an infected device. According to The Hacker News, some of its capabilities are:
- Steal user credentials
- Steal user session cookies
- Keystroke logging
- Hide incoming notifications
- Intercept two-factor authentication codes
- Insert modified commands (especially for the cryptocurrency mining)
- Launch web overlay attacks
- Launch DDoS attacks
- Deploy ransomware
When S.O.V.A launches an attack, it uses overlay features to imitate payment systems like PayPal. Unknowing victims will login with their information, which the hacker will steal. The Hacker News uploaded a photo example of this "3 Stage Overlay."
Note, however, that the Android banking malware is reportedly in its early stages of development. Threat Fabric saw the program listed in hacker forums and commented that "the author behind this bot clearly has high expectations for his product, and this is demonstrated by the author's dedication to test S.O.V.A. with third parties, as well as by S.O.V.A.'s explicit feature roadmap."
This implies that it is a growing threat for all Android devices.
How to Stay Safe From Android Malware
With the pandemic still ravaging the world, many users shifted to online banking as a new mode of payment. Unfortunately, hackers seem to have taken advantage of this change and launched their malicious attacks. According to the Federal Trade Commission (FTC), nearly 7,000 victims reported losing more than $80 million to ongoing scams.
This is why users should be extra careful about their device privacy. To ensure maximum smartphone security, Android users can try the five antivirus apps listed in this article:
- Bitdefender Mobile Security ($15 per year): The app offers flawless malware protection, Android wear integration, VPN service, Data-breach notification, and malicious website blocker.
- Kaspersky Mobile Antivirus ($20 per year): The app offers call filtering, web blocker and automatic scans.
- Norton Mobile Security ($30 per year): The app offers a unique feature called App Advisor. It regulates and checks on pre-installed apps for any unusual activity. It also double-checks Google Play Store permissions when downloading an app.
- McAfee Mobile Security ($30 per year): The app offers a unique feature called Guest. It ensures strangers using the smartphone can't access personal user files. Note that the security performance on this app is decent but not fantastic.
- Avast Mobile Security ($24 per year): This app offers a privacy adviser, system optimizer and customizable blocklist. Note that it does not have anti-theft or call-blocking features.
Related Article: Dogecoin Price Prediction: Doge Millionaire More 'Bullish' Than Ever as He Forecasts Big Surge