Technology

EventBot: A real threat to your mobile banking.

Gautam Singh

Computer and mobile malware isn’t news these days. Every day a new malware or ransomware keeps hitting users globally, harming their phones or stealing data. However, once in a while a malware or virus emerges as a severe threat, especially those which have strong financial implications. Eventbot is one such malware designed for android mobile devices that is on the horizon.

1) What is Event Bot?

Source: Youtube

“EventBot” is a mobile banking malware that steals personal financial information. Originally believed to be active only in Europe and the US, as per CERT-IN, it may now affect Android phone users in India as well. The Computer Emergency Response of Team (CERT) of India has issued warning against this malware stating it is a mobile Trojan that steals data information from banking and other financial apps. It also gains control over the victim’s device and reads the MPIN.

The Cybereason Nocturnus team is investigating EventBot, It has emerged around March 2020. EventBot has targeted users of over 200 different financial applications, including banking, money transfer services, and cryptocurrency wallets.

It specifically targets financial banking applications across the United States and Europe. It is now expected to affect India. EventBot is in the early stages and can become the next big mobile malware, as it is constantly improving. Event Bot abuses a critical operating system feature and targets financial applications. 

2) How EventBot Works?

As per CERT-In, it is a Trojan virus that may “masquerade as a legitimate application such as Microsoft Word, Adobe Flash, and others using third-party application downloading sites to infiltrate into victim’s device.”

Once installed on a device, EventBot steals personal financial information from Android phone users. It cheats the host secretly by attacking a computer or phone operating system. It targets money-transfer services and financial applications. Event bot is a mobile banking trojan and steals user data from financial applications, reads user SMS messages, and intercepts SMS messages allowing malware to bypass two-factor authentication.

In simple words, the Malware hacks into your account details, and when asked for OTP from our phone number it intercepts it and uses it to make a transaction without being discovered on your phone. The EventBot reaches your phone or computer by downloading untrusted and third-party apps.

3) What damage EventBot can cause?

As stated earlier, Eventbot affects online and banking transactions. It takes over all your account details and intercepts the messages sent and received to pass through 2-step verification. As the malware takes over your phone, your data is compromised too.

Around 60% of devices containing or accessing enterprise data are mobile. Mobile devices tend to include a significant amount of personal and business data. Mobile malware is a significant risk for organizations and consumers alike and must be considered when protecting personal and business data.

Victims of EventBot can lose all their savings, personal info and their identity can be put up on the dark web to be used by someone else. Their identity can be further be used to do illegal transactions and can cause a lot of trouble for the victims.

4) How to prevent or be aware of the threat?

EventBot asks for several permissions from the users, some of which are:

  • install other packages;
  • create windows that are shown on top of other apps;
  • allow running in the background;
  • allow reading SMS contents;
  • access information about network;
  • allow the app to start with each device launch, etc.

Be very careful about providing these permissions to any app unless they are trusted and they genuinely need it for their functioning. To prevent EventBot or any malware, in particular, also follow the following steps

  • Keep your mobile device up-to-date with the latest software updates from legitimate sources.
  • Keep Google Play Protect on.
  • Do not download mobile apps from unofficial or unauthorized sources.
  • Double-check the reason and permissions an application requests. 
  • Have updated and licensed antivirus on our phone.

In case your phone is affected by malware

  • Delete and deactivate all activities and permissions given to applications like google chrome and any unauthorized apps.
  • switch off your phone data and any source of internet
  • turn on antivirus app or turn your phone to safe mode.
  • after the antivirus app has checked your phone either resume using your phone or reset your phone and account completely.
  • You can take your phone to authorized service centers to eradicate the malware.

Prevention is the best cure not just for a disease in your body but also against malware on your phone. Keep your phone and your data safe and secure and don’t download anything unsourced from the internet

Leave a Comment

Acne Removal Creams At Top Discounts! Cosmetics On SALE! Don’t Miss! Men’s T-Shirts At Insane Deal! Women’s Track Pants at Crazy Deals! Myntra Sale! Up to 80% Off on Fashion, Beauty & More! Pack Your Bags & Save Big! Travel Essentials Sale – Ending Soon!