Connect with us

Hi, what are you looking for?

Social Media

Think before you click: Beware the TeaBot Trojan

A new computer virus of concern is electronically moving through Europe’s financial institutions.

Image: © Digital Journal
Image: © Digital Journal

A new malware strain, dubbed the TeaBot Trojan, is targeting bank accounts across Europe. The Malware can steal victims’ credentials and SMS messages as well as livestream device screens on demand.

Security investigators found evidence that TeaBot first targeted banks in Spain as early as January 2021 and also targeted German banks in March. The malicious code has since spread to Italy and Belgium.

Once the TeaBot virus is installed, the code requests Android permissions to observe the user’s actions. This includes activities like retrieving window content, and performing arbitrary gestures. ‍When the permissions are granted, the app proceeds to remove its icon from the device. The main purpose of TeaBot is to exfiltrate data, and to provide sensitive financial data to hackers.

Looking at this latest threat for Digital Journal is Sam Bakken, Senior Product Marketing Manager, OneSpan.

Bakken notes that the novel threat is a growing concern: “While taking advantage of Android Accessibility Services for financial gain is not a new tactic, its prevalence is increasing.”

This is a consequence of an expansion of digital financial services: “More people are engaging often with mobile financial services, making attacking mobile banking apps a lucrative return on investment.”

An inherent weakness with many offerings makes things more precarious for service users, according to Bakken: “In many cases, these mobile overlay schemes are sold as a service so that even less-skilled criminals can take advantage of already developed technology. I suspect this is only the beginning of the wave, and attackers will continue to roll-out overlay attacks on Android devices as long as they are successful.”

Things do not need to be bleak, according Bakken: “Luckily, there is something mobile financial services app developer can do to protect their users, apps and businesses — protect their apps with mobile app shielding.”

Furthermore, Bakken notes, there are other protective measures that need to be put into place:  “Mobile app shielding is security that travels along with the app to protect it even on compromised devices that have granted Accessibility Services access to a malicious app. Mobile app shielding detects tampering or abuse of Android Accessibility Services and shuts down the interference before attackers can steal credentials and drain an account.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Tech & Science

The CBRE 2024 Scoring Tech Talent Report shows that Calgary’s tech workforce grew by 7.5% in 2023, and 78% over the last five years

World

Now maybe you’d like to condescend to getting something right for a change?

Life

Social pressure to respond quickly to messages or notifications creates a “pressure-driven loop”.

Business

While many CIOs recognize GenAI's importance—a significant majority say it’s crucial for their operations—the real implementation rate is low.