One of the most sophisticated Trojans targeting banking apps has been upgraded. Vultur has been wreaking havoc on Android ever since it was discovered by security firm ThreatFabric in 2021. According to researchers at NCC Group, the malware has resurfaced and is even stealthier than before.
You may remember Vultur. the notoriety it got This is because of its ability to remotely record the screen on your device. The virus hides inside apps in the Google Play Store and infects your device.
But now Vultur has a new way to take over your Android and trick you into downloading malware. Hackers are now using everything from texts to phone calls to trick victims. Once they get into your device, they can take complete control of it. Hackers will try to access and use your phone remotely and steal your hard earned money.
android mobile phone (Kurt “Cyber Guy” Knutson)
Vultur’s new hybrid attack
According to NCC Group, this new attack focuses on contacting the victim. It begins with a text message asking the victim to call if they did not authorize the transaction on their bank account. However, this transaction is not real. It’s just a ruse.
When a victim calls, they receive a text message with instructions and a link to download a McAfee security app that contains a banking Trojan.
Although this security app looks normal, it actually contains the Brünnhilda Dropper, a deceptive component hidden within a seemingly legitimate app. In this case, the dropper contains his Vultur Trojan. He then releases and executes the Trojan horse in three batches. Once the third batch is dropped, hackers will have complete control over her Android device.
Image diagram of infection chain (NCC Group) (Kurt “Cyber Guy” Knutson)
Read more: Hackers use pirated software to hijack Mac, Android, and Windows devices
New features in Vultur
Vultur was already a very serious threat to Android users. But now, thanks to the level of control hackers can gain, that threat has been significantly upgraded. Once Vultur infects a device, hackers can install, delete, upload, and download files. It may even stop the app from running in the first place. If that’s not enough, Vultur can bypass his Android’s key lock feature and bypass the lock screen.
What’s even scarier is Vultur’s remote control capabilities. The malware was first discovered in 2021 and has since gained remote access to devices. But now hackers can give malware more control by telling it to swipe, click, scroll, mute and unmute audio, and more.
Hackers also don’t have to worry about maintaining a connection to your device. They utilized Google’s Firebase Cloud Messaging system, which allowed them to send instructions to infected devices.
samsung mobile phone (Kurt “Cyber Guy” Knutson)
How to protect your Android from Vultur
One of the biggest ways to stay away from Vultur is to avoid calling after receiving a text message from the hacker about approving a large banking transaction. You can always call and check your financial intuition. However, never call an unknown phone number sent by someone you don’t know. Here are some other tips.
Avoid sideloading apps and shortened URLs
Avoid sideloading apps. That’s when you install apps from non-authorized sources. Shortened URLs can mislead users into downloading malware.
Be careful when granting permissions
Be careful when granting permissions to apps. Consider whether your app really needs to access specific device features or data.
Restrict apps installed on your phone
In some cases, having a large number of apps installed on your phone can increase your exposure to malware. These apps can introduce malicious code over time, and the more apps you have to track and update, the more vulnerable your Android is. Here’s how to remove unnecessary apps from Android..
Hacker using Android and laptop (Kurt “Cyber Guy” Knutson)
Download apps from trusted sources
Additionally, when downloading an app, make sure it comes from a trusted and legitimate developer. Check reviews and do your research before clicking “Install”.
Keep your Android device updated
Your phone has a way of keeping itself safe. Software and security updates. Don’t forget to install it.
Install good antivirus software on all your devices
Installing antivirus protection on all your devices is the best way to protect yourself from malware. Antivirus software prevents you from clicking on malicious links that can install malware on your device and allow hackers to access your personal information. Get my picks for the best antivirus protection products of 2024 for Windows, Mac, Android, and iOS devices.
What should I do if my data is compromised?
If malware has already entered your device, you should take immediate steps to minimize the damage and protect your device. Below are some steps you can take.
change password
Vultur can potentially give hackers access to all the information on your device, including your online accounts, personal information, and financial information. To prevent this from happening, you should change the passwords for all important accounts as soon as possible. However, do not do this on an infected device as hackers may view your new password.Instead, you should use another deviceChange passwords on your laptop, desktop, etc. Use strong, unique passwords that are difficult to guess or destroy.You can also use password manager Generate passwords and store them securely.
Monitor your account and transactions
You should regularly check your online accounts and transactions for suspicious or unauthorized activity. If you notice anything unusual, report it to your service provider or authorities immediately. You should also check your credit report and score for signs of identity theft or fraud.
Use identity theft protection
Hackers can access everything on your Android device, including your personal and financial information. They can use this information to create fake accounts in your name, access your existing accounts, and impersonate you online. This can cause serious damage to your identity and credit score.
To avoid this, you should use an identity theft protection service. These services track personal information, such as household title, social security number, phone number, and email address, and notify you if they detect suspicious activity. It can also help freeze bank and credit card accounts to prevent them from being used by hackers. Read more about my reviews of the best identity theft protection services here..
Please contact your bank or credit card company
If a hacker obtains your banking or credit card information, they can use it to make purchases or withdrawals without your consent. You must notify your bank or credit card company of the situation. We can help you freeze or cancel your card, dispute fraudulent charges, and issue a new card.
Alert a contact
If a hacker gains access to your email or social media accounts, they could use them to send. spam or phishing message to your contacts. They may also pretend to be you and request money or personal information. You should alert your contacts and warn them not to open or reply to messages from you that seem suspicious or unusual.
Restore your device to factory settings
If you want to make sure your device is free of malware or spyware, you can restore your device to: Factory settings. This will erase all your data and settings and reinstall your original Android version. Before doing this you need to do the following: Back up Restore important data only from trusted sources.
Cart important points
Vultur is an incredibly sophisticated banking Trojan with some scary features. The fact that a hacker has complete control over his Android is frightening and makes it all the more important to protect yourself.
These attacks start with a simple text message. It’s up to you to make the effort to call your financial institution individually to see if anything is wrong. Just an extra 10 minutes can prevent your entire device from being compromised and your personal information exposed.
How concerned are you about Vultur attacks? How can you protect yourself from attacks targeting your finances? Email us at. Cyberguy.com/Contact.
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report newsletter using the link below. Cyberguy.com/Newsletter.
Ask your cart a question or let us know your story you’d like us to feature.
Answers to CyberGuy frequently asked questions:
Copyright 2024 CyberGuy.com. All rights reserved.
