Plugavel.
  • Home
  • Tech
  • Car
  • More
    • Privacy policy
    • About us
    • Contact us
No Result
View All Result
Plugavel.
  • Home
  • Tech
  • Car
  • More
    • Privacy policy
    • About us
    • Contact us
No Result
View All Result
Plugavel.
No Result
View All Result

This new type of virus steals passwords on Android

30 de July de 2021
in Tech
Vultur intègre un serveur VNC afin de diffuser l’écran du smartphone et voler les identifiants bancaires. © ThreatFabric
ADVERTISEMENT

New malware that targets banking apps has been discovered. It is installed through bogus apps on the Google Play Store. Called Vultur, it uses a VNC server to record everything that happens on the screen.

You will also be interested


[EN VIDÉO] What is a cyberattack?
With the development of the Internet and the cloud, cyber attacks are more and more frequent and sophisticated. Who is behind these attacks and for what purpose? What are the methods of hackers and what are the most massive cyber attacks?

The cybersecurity company ThreatFabric spotted a banking malware which uses a new technique to steal passwords. Most programs of this type display a page Web over the applications banking, prompting the user to enter their credentials. This new malware, called Vultur, is based on a server VNC, a technology that allows it to record and broadcast everything that happens on the screen in real time.

Vultur is installed thanks to Brunhildar, a malware contained in fake applications on the Play Store. Brunhilda is a ” dropper ”, In other words its only function is to allow the installation of other malware. Vultur must obtain permissions to record the screen and perform actions, and for this fools users by displaying an overlay already seen with other malware.

Over 30,000 potential installations

The malware monitors application usage and launches as soon as it detects one of the 103 target applications on its list. It then captures the screen of the smartphone as well as all keystrokes to obtain bank identifiers, as well as those of Facebook, Viber and TikTok. Vultur is currently targeting applications for banks in Italy, Spain, the Netherlands, UK and Australia. the malware is based on several legitimate applications, including AlphaVNC for the server VNC, ngrok to make sure the VNC server can be accessed remotely, and Firebase from Google to be able to receive commands from a control server.

The presence of Vultur is quite easy to detect since theicon « Caster “In the notification area ofAndroid indicates that ” Protection Guard »Broadcasts the screen. However, the malware is difficult to remove since it activates the “Back” function as soon as the smartphone displays the screen allowing it to be uninstalled. The false application Protection Guardwas installed over 5,000 times before being removed from the Play Store. However, ThreatFabric estimates that bogus applications containing Brunhildar, which can install various malware including Vultur, have been installed more than 30,000 times.

Interested in what you just read?

.

Tags: AndroidcybersecuritykeyloggermalwarepasswordpasswordsPlay StorestealstypevírusVNC
ShareTweetPin

We would like to send you notifications with news, you can unsubscribe at any time.

Unsubscribe

Recommended

Avec l'impression 3D, il est possible de produire des pièces détachées et ainsi lutter contre l'obsolescence programmée. © 22091967, Adobe Stock

Marklix, the marketplace for 3D printed spare parts

15 de May de 2021

Simplici Car, the story of a national success

23 de February de 2022

Good deal: Apple AirPods headphones are on sale on Amazon

25 de February de 2022

The Lenovo IdeaPad Duet Chromebook is under $300 at Amazon

23 de February de 2022
  • Home
  • Privacy policy
  • About us
  • Contact us
© 2021 Plugavel - News about technology and cars on one site Plugavel.
No Result
View All Result
  • Home
  • Tech
  • Car
  • More
    • Privacy policy
    • About us
    • Contact us