What Does The Revive Banking Trojan Do On Your Android Device?
Revive is the name of a new banking trojan malicious application that is used to target customers of Spanish banking institutions. The malware is used for account theft and stealing login credentials.
Revive is usually distributed under the guise of a multi-factor authentication application released from the bank in question. Of course, the app has nothing to do with the bank and is made by the criminals running the Revive trojan.
The malicious app shows a fake login page, tailored to mimic the bank's legitimate login portal. Entering user account information in this form simply hands your login info to the malware operator. This allows for practically complete account takeover.
Revive has further malicious capabilities, including keypress logging and SMS interception. With the permissions it asks for upon installation, the trojan can also hijack SMS messages containing one-time use passwords and multi-factor authentication strings sent by the system of the legitimate bank.
Similar strains of Android malware that target mobile devices and have banking trojan capabilities include the Coper, Hydra and Exobot Compact.