In recent times the National Cybersecurity Institute (INCIBE) and several cybersecurity firms have warned about different banking Trojans that are on the rise in Spain. After the passage of Flubot, which in just three months managed to steal the phone numbers of 11 million users in our country, the cybersecurity company Cleafy has discovered a new computer virus of the Trojan type designed to steal the online banking keys of the users of ‘smartphones’ with the operating system Android. According to your data, to date, the code Teabot has been able to steal data belonging to 60 different banking entities.
As was the case with the Trojan FluBot, the cybercriminals behind this code pose as the official ‘apps’ of companies such as DHL, UPS, VLC MediaPlayer or Mobdro in malicious app stores posing as the official Android app.
TeaBot allows the cybercriminal behind the infection to perform overlapping attacksthat is, it displays login screens posing as bank officials to steal login credentials and credit card information. In turn, it has the ability to intercept, read and send SMS, which allows access to verification keys sent from banks. It can also be used to silence the phone, read the calendar and mobile status, remove an installed application, or abuse Android’s accessibility services.
The same mechanism is used by the code. Gallant, a new Trojan that has already been able to steal online banking keys from 70 different banks, 22 of them Spanish. Kapersky has been in charge of informing about the arrival of this new computer virus of Brazilian origin. By means of the phishing technique they achieve the impersonation of a third party so that the victim installs the virus without realizing it. Usually the route of infection is an SMS or email offering to download an MSI package. To do this they make use of hooks that range from offers from transport tracking applications to a very novel flashlight.
The only way to avoid being attacked by this type of virus is to make sure that you download all the applications from the official stores of your devices: Google Play Store, for Android terminals, and App Store, for iPhone. In addition, we must be careful with any email or SMS in which we are asked to install an application and have an antivirus to detect malware.