It is recognized that security on Android has a lot to evolve, especially with regard to the apps present in this system. Google has measures in place, but the truth is that cases accumulate and are increasingly dangerous.
The situations in which data is stolen have evolved and are increasingly complex. A new threat is present and endangers users, where their bank details are stolen and even Android smartphones are kidnapped to commit fraud.
It's called Octo and it's one of the latest threats that is present on Android. This malware has very high destructive power and has triggered alerts within Google and Android itself. There are several apps that bring it to the equipment, without users being aware of it.
The purpose of the Octo is very clear and their victims watch your action happens on a recurring basis. It attacks on two fronts, seeking to steal users' bank details.
The way to go unnoticed in its action is very curious and, at the same time, very simple. By setting the screen brightness to minimum and activating the do not disturb mode, it can give the user a false sense of security and appear that nothing is active.
The truth is that at these moments Octo is in action and using its destructive force on victims' smartphones. The screen is currently being projected to remote locations where attackers can control the equipment.
Another way to act is by recording user actions, especially in banking applications. Here, Octo registers passwords, pins and other forms of authentication, and can also access the SMS they use to change access data on these services.
This malware is believed to be a derivative of ExoCompact, a trojan horse which caused a lot of damage after its code was revealed in 2018. Currently this malware is sold on various dark web forums.
As in many situations, Octo's gateway is the installation of apps outside the Play Store and other trusted stores. There are known situations in which it was proposed as a browser update, naturally fraught with problems.
The list of apps where Octo is known to be is as follows:
- Pocket Screencaster (com.moh.screen)
- Fast Cleaner 2021 (vizeeva.fast.cleaner)
- Play Store (com.restthe71)
- Postbank Security (com.carbuildz)
- Pocket Screencaster (com.cutthousandjs)
- BAWAG PSK Security (com.frontwonder2)
- Play Store app install (com.theseeye5)
Of course, if you have one of the apps on your smartphone, you should immediately remove it. The problems that this new threat brings are serious and the damage is great for Android users.