Hide summary
For several months, a formidable malware has been wreaking havoc among smartphone users. Detected by cybersecurity experts from Cleafyit mainly targets customers of large French banks and empties the bank account.
The objective? Steal your usernames and passwords and then access your bank account. Cybercriminals will empty it without you realizing it.
Where does the malware come from?
This very sophisticated virus is offered by Turkish cybercriminals via a Malware-as-a-Service model. For a small fee of less than 3,000 euros per month, any group of hackers can obtain this malware and use it for their own attacks. At least 17 pirate groups have already opted for this malicious tool.
The French Banking Federation (FBF) would like to reassure bank account holders. She specifies that it is not a flaw in the banking systems that is to blame. In reality, installation of DroidBot malware comes from users themselves.
To have
This dreaded scam that can empty your bank account is raging on WhatsApp: how to avoid it?
In other words, there is no direct attack on banks or their applications. The danger lies in the actions of users who, often without their knowledge, download this pirate software.
It takes your bank account by storm
DroidBot demonstrates great cunning in infiltrating smartphones. He hides under the guise of legitimate apps, such as Google Chrome, Play Storeor even a fake app pretending to be Android Security.
Fake apps often come from APK files or fraudulent links found on unsavory sites. Once installed, they discreetly take control. Without arousing suspicion, they sift through all the information and activities linked to your bank account.
The cybercriminals behind DroidBot continue to improve their malware. To make their attack more effective, they regularly offer updates and provide a real customer service on Telegram.
Better yet, an administration panel also allows hackers to customize their attacks. As each operation is unique, it is therefore more difficult to detect it
To have
This sneaky scam can empty your bank account, 60 Million Consumers warns
How is the attack going?
DroidBot primarily targets large-scale customers French banks such as BNP Paribas, Société Générale et Credit Agricole. Once the malware manages to install itself on your phone, it then takes action in an extremely intrusive manner.
DroidBot wastes no time and starts spy on all actions related to your bank account. It keeps track of every word you type. Including your passwords, codes and any sensitive information you enter on your device.
The software also captures your messages. Pay attention to those that contain authentication codes sent by your bank to confirm sensitive transactions.
DroidBot superimposes fraudulent windows on your banking applications. You think you enter information into the official app, but in reality it is sent directly to hackers.
Using Android accessibility services, cybercriminals can take full control of your phoneas if they had it in hand. This allows them to make transfers from your bank account.
Protect your bank account from this malware
To protect your bank account from DroidBot attacks, a few gestures can make all the difference. Here is what you can do to strengthen your security:
– Download only from trusted sources like Google Play or PlayStore ;
– Be careful with suspicious links and files ;
– Also check the permissions before installing an application ;
– Finally, contact your bank if you notice any suspicious activity on your bank account.
Related News :