Octo is the Android malware that acts in the shadows, in the truest sense of the word

Unfortunately, as long as Android is an open source system, malware will continue to exist. Recently we talked about Escobar, an old virus with a new name, or about another piece of malware that comes from Russia and that risks stealing more than sensitive data. Today we are going to talk about Octo, a whole new virus that takes advantage of the ability to decrease the brightness of the screen to target users. Let's see how it works.

A new Android malware called Octo takes advantage of the brightness of the smartphone to hide scams of different types. Here are all the details

A new malware is stealing bank details and performing malicious activities on Android smartphones and tablets. Octo is a tool capable of "hijacking" devices and committing fraud through remote access using the resources of the Google operating system, as the experts from ThreatFabric point out. Octo is characterized by setting the brightness level of the screen to zero. In addition, notifications are silenced by activating "Do not disturb" mode, so that the victim thinks the device is turned off and cannot see what the criminals are doing, which could include browsing, data exploration and application use.

This RAT (or remote administration tool) uses Android's MediaProjection module, capable of transmitting the device screen at a high rate, sufficient for hackers to manipulate it remotely. In addition, Octo is also able to track user behavior, both on the web and offline, and to log system entries such as banking passwords, email accounts and PINs. Additionally, SMS messages can be intercepted, allowing hackers to reset passwords as well as subscribe to services on behalf of the victim.

It is believed that this malware derives from ExoCompact, a Trojan that caused damage after its source code was disclosed in 2018. Currently, the malware is sold on dark web forums by an individual with the aliases "Architect" and "good luck". In February, cybersecurity experts found Octo in an app called "FastCleaner" on the Google Play Store which had over 50,000 installations.

Attacks of this type are becoming more common as traffic through mobile devices increases. A piece of advice that is always valid is to verify that Play Protect is enabled, and to avoid installing applications from dubious sources that are not available on the Play Store.
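For anyone vetting an app before installing it, here is an added example (not part of the original article or of the researchers' analysis): a triage script that reads a decoded AndroidManifest.xml and reports which of the behaviours described above the app is equipped for. The permission-to-behaviour mapping, the review threshold of three and both sample manifests are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
P = "android.permission."
# Assumed mapping from the behaviours in the article to Android permissions.
BEHAVIOURS = {
    "dim screen to zero": {P + "WRITE_SETTINGS"},
    "silence notifications (Do not disturb)": {P + "ACCESS_NOTIFICATION_POLICY"},
    "intercept SMS": {P + "RECEIVE_SMS", P + "READ_SMS"},
    "stream screen (MediaProjection)": {P + "FOREGROUND_SERVICE_MEDIA_PROJECTION"},
    "log input via accessibility": {P + "BIND_ACCESSIBILITY_SERVICE"},
}
# Constructed sample manifests (text XML, as produced by decoding an APK).
SUSPECT = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.cleaner">
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="android.permission.WRITE_SETTINGS"/>
  <uses-permission android:name="android.permission.ACCESS_NOTIFICATION_POLICY"/>
  <application>
    <service android:name=".Assist" android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE"/>
    <service android:name=".Cast" android:foregroundServiceType="mediaProjection"/>
  </application>
</manifest>"""
BENIGN = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.notes">
  <uses-permission android:name="android.permission.INTERNET"/>
</manifest>"""

def triage(manifest_xml, threshold=3):
    """Return (matched behaviours, needs_review) for a decoded manifest."""
    root = ET.fromstring(manifest_xml)
    held = {e.get(ANDROID + "name") for e in root.iter("uses-permission")}
    for svc in root.iter("service"):
        # Accessibility services are guarded by a permission attribute on <service>.
        held.add(svc.get(ANDROID + "permission"))
        # Before Android 14, screen capture shows up only as a foregroundServiceType.
        if "mediaProjection" in (svc.get(ANDROID + "foregroundServiceType") or ""):
            held.add(P + "FOREGROUND_SERVICE_MEDIA_PROJECTION")
    hits = sorted(name for name, perms in BEHAVIOURS.items() if perms & held)
    # Any single capability is common in legitimate apps; the combination is the signal.
    return hits, len(hits) >= threshold

if __name__ == "__main__":
    for label, xml in (("suspect", SUSPECT), ("benign", BENIGN)):
        hits, review = triage(xml)
        print(label, "REVIEW" if review else "ok", hits)
```

A match is a reason to look closer, not proof of malware: accessibility tools, SMS apps and screen recorders each legitimately hold one or two of these capabilities.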

Via | BleepingComputer

Gianluca Cobucci