News

Android Malware Alert: Your OTPs Are at Risk

Learn how to protect your phones, sensitive bank information, and more.

Aayushi Jain

The recent reports from cybersecurity firms, Kaspersky and Cleafy point to the worrisome trends in Android malware. According to these reports, a new Android malware steals One-Time Passwords (OTPs), taking control of phones.

Security experts from both firms have warned about the two dangerous malware variants, Necro Trojan and TrickMo that are behind this attack.

Evolution of Necro Trojan

According to Kaspersky, Necro Trojan is an Android malware with the ability to install itself on devices through modified applications like Spotify and WhatsApp. 

The Necro Trojan was first reported in 2019. However, it has significantly evolved. Now, it targets popular applications like Wuta Camera which has more than 10 million Google Play Store downloads.

When the malware is installed, applications can be installed without permission, pop-up advertisements that are force-fed, and unauthorized purchases are made.

Banking Trojan Threat TrickMo

According to the report by Cleafy, there exists another serious threat. There is a banking Trojan that spewed through a fake Chrome browser update and goes under the identity of Google Play Services. The malware convinces users by taking some privilege to access sensitive information.

As soon as TrickMo is installed, it can steal OTPs, record screen activity, and log keystrokes. It works very stealthily, not being discovered, which makes this malware extremely dangerous.

Recommendations for Users

Recent news brought into light a Windows malware called Lumma Stealer Malware. Lumma Stealer propagation takes place through fraudulent human verification pages. These fraudulent human verification pages mimic legitimate systems, such as Google's CAPTCHA. 

To be on the safe side, Google advised its users to download their applications only through market stores and ensure they activate Play Protect. Users should refrain from granting permissions that the applications do not require and delete unused applications.

Smartphones carry very sensitive data, thus, users need to be more vigilant. These mitigations can immensely enhance the security of devices.

4 Coins That Are Ready to Beat Shiba Inu’s (SHIB) ROI This Bull Run

These 2 Affordable Altcoins are Beating Solana Gains This Cycle: Which Will Rally 500% First—DOGE or INTL?

Avalanche (AVAX) Nears Breakout Above $40; Shiba Inu (SHIB) Consolidates – Experts Say This New AI Crypto Could 75X

Web3 News Wire Launches Black Friday Sale: Up to 70% OFF on Crypto PR Packages

4 Cheap Tokens That Will Top Dogecoin’s (DOGE) 2021 Success in the Next Bull Run