The recent reports from cybersecurity firms, Kaspersky and Cleafy point to the worrisome trends in Android malware. According to these reports, a new Android malware steals One-Time Passwords (OTPs), taking control of phones.
Security experts from both firms have warned about the two dangerous malware variants, Necro Trojan and TrickMo that are behind this attack.
According to Kaspersky, Necro Trojan is an Android malware with the ability to install itself on devices through modified applications like Spotify and WhatsApp.
The Necro Trojan was first reported in 2019. However, it has significantly evolved. Now, it targets popular applications like Wuta Camera which has more than 10 million Google Play Store downloads.
When the malware is installed, applications can be installed without permission, pop-up advertisements that are force-fed, and unauthorized purchases are made.
According to the report by Cleafy, there exists another serious threat. There is a banking Trojan that spewed through a fake Chrome browser update and goes under the identity of Google Play Services. The malware convinces users by taking some privilege to access sensitive information.
As soon as TrickMo is installed, it can steal OTPs, record screen activity, and log keystrokes. It works very stealthily, not being discovered, which makes this malware extremely dangerous.
Recent news brought into light a Windows malware called Lumma Stealer Malware. Lumma Stealer propagation takes place through fraudulent human verification pages. These fraudulent human verification pages mimic legitimate systems, such as Google's CAPTCHA.
To be on the safe side, Google advised its users to download their applications only through market stores and ensure they activate Play Protect. Users should refrain from granting permissions that the applications do not require and delete unused applications.
Smartphones carry very sensitive data, thus, users need to be more vigilant. These mitigations can immensely enhance the security of devices.