Security experts are warning of a new Android trojan targeting banking apps, as well as apps such as Amazon and PayPal.
Dubbed S.O.V.A. by its creators – after the Russian word for “owl” – the malware, though still in development and testing, incorporates overlay attacks, keylogging, and notification manipulation, as well as theft of session cookies, which allows criminals to access valid logged-in sessions without needing credentials.
According to security firm ThreatFabric, the authors of the malware are advertising a trial targeting major banks, and have a roadmap of future features; samples have also been spotted in the wild.
“S.O.V.A. is also taking a page out of traditional desktop malware, confirming a trend that has been existing for the past few years in mobile malware.
“Including DDoS, Man in the Middle, and Ransomware to its arsenal could mean incredible damage to end users, in addition to the already very dangerous threat that overlay and keylogging attacks serve,” the report warns.
ThreatFabric’s data shows Australia is in the top ten most targeted countries for S.O.V.A., with the US and UK equal first.
