Malware attacking Android smartphones is on the rise, and the latest, “BingoMod,” may be the most frightening yet.
The malware steals money from your accounts and then wipes your phone, using fraud techniques on the device to steal up to $16,000 at a time.
And the worst part is that this isn’t the final version yet: according to the researcher, the developers are still working on adding more features to make it less detectable.
For security alerts and expert tips, sign up for KURT’s newsletter, The Cyberguy Report, here.
Man using an Android smartphone (Kurt “Cyberguy” Knutson)
How BingoMod gets onto your phone
According to the researchers CreefyThe malware is a Remote Access Trojan (RAT) that allows attackers to gain full remote access to Android phones. The malware is delivered to phones as an app and distributed through smishing (SMS phishing) campaigns.
How BingoMod tricks you
The malicious apps often pose as legitimate antivirus applications with names like APP Protection, Antivirus Cleanup, Chrome Update, InfoWeb, SicurezzaWeb, WebSecurity, WebsInfo, WebInfo, APKAppScudo, etc. In one instance, Cleafy reported, they even mimicked the free AVG AntiVirus & Security tool available on Google Play. When contacted, a Google spokesperson provided the following statement:
“Based on current detections, no apps containing this malware have been found on Google Play. Android users are automatically protected from known versions of this malware by Google Play Protect, which is turned on by default on Android devices with Google Play Services. Google Play Protect can warn users or block apps known to exhibit malicious behavior, even if they come from sources other than Play.”
When you install BingoMod on your phone, it asks you to enable Accessibility Services, which is a red flag: if you allow access to Accessibility Services, you’re essentially allowing it access to everything on your phone.
Once BingoMod has all the necessary permissions, it starts working with background functionality aimed at providing sensitive data to the attackers behind the malware. Using a technique called keylogging, it steals sensitive information displayed on the device screen or typed by the user, such as login credentials and account balances. It can also intercept user messages to detect one-time passwords and authentication codes.
How BingoMod ensures persistence
The malware blocks changes to system settings, blocks certain apps, uninstalls apps, and more to prevent users from removing it from their phones, but usually allows attackers to wipe the infected device to cover their tracks after making the unauthorized transfer.
A woman holding an Android smartphone (Kurt “Cyberguy” Knutson)
Android banking Trojan evolves to evade detection and attack globally
Android malware is evolving
Researchers believe that BingoMod has not yet reached its full potential: the malware is still in the testing phase and the hackers behind it are working on adding more features. Cleafy researchers point out:
“BingoMod is in the development stage, with developers experimenting with obfuscation techniques to reduce detection rates by AV solutions. Overall collected samples reveal an intention to attempt multiple anti-analysis configurations rather than further complicate the malware’s functionality.”
Android smartphone on a desk (Kurt “Cyberguy” Knutson)
Android banking Trojan poses as Google Play to steal data
11 ways to protect yourself from Android malware
Remote access Trojans are hard to detect and dangerous once they get onto your phone, but there are some steps you can take to protect your data.
1. Beware of phishing scams: Be wary of messages or emails from unknown sources asking for personal information. Do not click on suspicious links or provide sensitive information unless you can verify the legitimacy of the request.
2. Deploy powerful antivirus software: Android has a built-in anti-malware feature called Play Protect, but it can’t stop all malicious software. To date, Play Protect has not been 100% reliable in removing all known malware from Android phones. The best way to protect yourself from clicking on malicious links that install malware that could access your personal information is to install antivirus protection on all your devices. This will: Phishing emails or Ransomware scam. We’ve handpicked the winners of the best antivirus protection of 2024 for Windows, Mac, Android and iOS devices.
What is Artificial Intelligence (AI)?
3. Download apps from trusted sources: It is important to download apps only from trusted sources, such as the Google Play Store, which undergo rigorous checks to prevent malware and other harmful software. However, even with the security measures offered by Google Play, downloading apps from the store does not provide 100% protection from malware and harmful software. Avoid downloading apps from unknown websites and unofficial stores, as they may pose a high risk to your personal data and device. Never trust download links received via SMS.
4. Use identity theft protection services: Android malware like BingoMod is becoming increasingly sophisticated, so using an identity theft protection service is an important step in protecting your personal information.
Identity theft companies monitor your personal information, such as social security numbers, phone numbers, and email addresses, and alert you if it’s being sold on the dark web or used to open accounts. They can also help you freeze your bank and credit card accounts to prevent further fraud by criminals. Check out our tips and best choices for protecting yourself against identity theft.
5. Be careful with app permissions: Always review the permissions an app requests before installing it. If an app requests access to features that are not necessary for its functioning, it may be malicious. Do not grant an app Accessibility permissions unless it truly needs them. Do not grant permissions that could put your personal data at risk.
Click here to get FOX Business on the go
6. Monitor your account: If you think you may have been affected by a banking Trojan, regularly review your bank statements, credit card statements, and other financial accounts for fraudulent transactions. If you notice any suspicious transactions, report them to your bank or credit card company immediately.
7. Enable SMS notifications for your bank account: Enabling SMS notifications allows you to monitor your account for fraudulent transactions.
8. Set up two-factor authentication (2FA): 2FA It’s an extra shield to prevent hackers from accessing your account.
9. Use strong, unique passwords: Create strong passwords for your accounts and devices, and avoid using the same password for multiple online accounts. Consider using a password manager. Password Manager It helps you create and store strong, unique passwords for all your accounts, reducing the risk of password theft.
10. Regularly update your device’s operating system and apps: Maintaining the Software Latest This is very important because updates often contain security patches for newly discovered vulnerabilities that can be exploited by Trojans.
11. Don’t use public Wi-Fi for sensitive transactions. Public Wi-Fi An insecure network makes it easier for malware and hackers to intercept your data, so if you’re accessing sensitive information or conducting financial transactions, protect your data by using a secure, private connection.
Banking Trojan targets more apps, putting Android users at risk
Important points about the cart
BingoMod sounds scary, but remaining vigilant is your best defense. Always be careful when downloading apps from unknown sources or clicking suspicious links in texts. Keep your devices up to date, use reputable antivirus software, and be wary of apps that request excessive permissions. This malware may be evolving, but so are the ways to protect yourself.
Click here to get the FOX News app
Do you check app permissions before installing? How do you determine which permissions are allowable? Cyberguy.com/Contact Us.
If you want to hear more of my tech tips and security alerts, subscribe to the free CyberGuy Report newsletter at the link below. Cyberguy.com/Newsletter.
Have a question for Kurt or tell us the story you’d like to see featured?.
Follow Kurt on his social channels:
Answers to the CyberGuy’s most frequently asked questions:
Copyright 2024 CyberGuy.com. All Rights Reserved.
