Escobar Android Malware Preys on Financial Data
Android devices continue to be a popular target among cybercriminals. Nowadays, users store their devices to store all sorts of important information, as well as to do their banking. Of course, these are the types of data and activities that cybercriminals are highly interested. This is where threats like the Escobar Android Malware come into play. This new piece of Android malware is being promoted on Russian-speaking hacking forums.
The creator says that the Escobar Android Malware is still under development, but they are already willing to give five other criminals access to the payload and control panel. The cost of this would be $3,000/month, and the crooks will get full access to Escobar Android Malware's arsenal. This is where we should add that the promoter of this malware was recently involved with the development and use of another Android Trojan called Aberebot. It is possible that the Escobar Android Malware might be a revamped and improved version of the latter.
Escobar Malware Exploits the Android Accessibility Service
Just like other Android Trojans to come out in recent years, the Escobar Android Malware also demands victims to provide it with permission to use the Android Accessibility Service. This innocent-looking request actually grants the malware full control over the infected device. In addition to this, the Escobar Android Malware also asks for permission to access other core smartphone features like the microphone, camera, text messages, storage, and more. Judging by the features of the Escobar Android Malware, its primary goal is likely to be used as a Banking Trojan. It is able to inject overlays on top of apps and browser windows on-the-fly, tricking victims into engaging with phishing attacks. In addition to this, it can also easily intercept text messages – a trick to enable it to bypass two-factor authentication.
The Escobar Android Malware also deploys a remote access app that would enable the criminals to interact with the device's screen remotely. Needless to say, this Trojan packs a large number of dangerous features, and staying safe from it is mandatory. The best way to ensure your Android's safety is to use an up-to-date Android anti-malware app.