MysteryBot -The Key threat of the Frankenstein Virus
Android has seen its fair share of Malware, Virus and Phishing problems. But the latest threat is a foe hard to eliminate and destructive in its actions. Protection from cyber criminals is an essential practice that everyone needs to be aware about.
Dubbed as the MysteryBot, this malware/virus is a combination of a banking trojan, keylogger as well as ransomware. This makes it the most harmful malware than any other we’ve come to know in recent times. This malware is similar to the Lokibot that wreaked havoc last year. The key feature of the LokiBot was that it turned into Ransomware whenever someone tried to get rid of it.
We warn Android Users of this Frankenstein Virus as it comprises of the worst aspects of different malware.MysteryBot blends features of ransomware, keyloggers as well as banking trojans in order to create a virus which can attack many fronts. Security researchers from the renowned ThreatFabric have discovered the malware.
“It’s highly similar to Lokibot”
MysteryBot Android Malware shares similarities with LokiBot, it is also suspected that the team behind the latter has created the new bot while the blog also added that two strains, MysteryBot and LokiBot, run on the same Command and Control (C&C) server.
Mysterybot is reportedly able to control the infected device and read messages, capture personal info, banking details etc. Android Malware generally targets older versions of the Android OS as they are more vulnerable to newer threats. But MysteryBot is able to access newer android versions like Nougat and Oreo. This makes it a threat of an understandably larger scale.
It is also said to be able to load an overlay screen, that can appear as fake login pages on top if legitimate apps on the OS. This login page becomes a Master-Key for Cyber-Criminals to steal information.
MysteryBot Android malware also contains a keylogger, however, researchers have said that none of the known keylogging techniques have been used and instead, the new malware calculates the location for each row and then places a view over each key.
The encryption process puts each file in an individual ZIP archive that is password protected, the password is the same for all ZIP archives and is generated during runtime. When the encryption process is completed, the user is greeted with a dialog accusing the victim of having watched pornographic material,” said ThreatFabric researchers in a blog post. “Most Android banking Trojans seem to be distributed via smishing/phishing & side-loading,” they added.
No need to Panic
MysteryBot is still said to be under development and is yet to spread on the vast Internet space. This is indeed a relief. For users, it is recommended not to install any Android app from other sources apart from Google Play Store in order to keep their devices safe.
Users are also warned to take precautions before entering their logging in anywhere in public or private surroundings.