Know how to stay safe from this dangerous Android malware. (HT_PRINT)

Protect Your Bank Details! Safeguard Your Android Device from Malware

Adriana MaraisAugust 31, 23 cybersecurity

In today’s technologically advanced era, with the rise of online business and growing dependence on the internet and AI tools, there are individuals who exploit these technologies for the purpose of stealing money and data. Occasionally, we come across reports of scams being propagated through malicious software across different applications. Recently, experts have discovered a perilous banking malware named MMRat, which possesses the ability to remain undetected and successfully evade antivirus scanning software. Learn more about its functioning.

MMRAT malware

According to a report by Tom’s Guide, in June, Trend Micro discovered an Android malware that even VirusTotal and other antivirus software could not detect. This malware hijacks access to the Android device through malicious apps or URLs and steals all mobile data and wipes the user’s bank account. Once installed by manipulation, the malware initiates a communication channel with the command and control (C&C) server to gain access to the mobile phone.

When the hacker notices that the mobile device is not in use, MMRat utilizes the Android accessibility service to unlock the device and collect all the mobile data, such as bank details, messages and even the smallest details such as battery percentage, contacts, pictures, etc.

Trend Micro reports that the malware is active in Southeast Asia and only targets Android smartphone users. MMRAT captures mobile data using a custom Protobuf protocol. The protocol makes data extraction easy. This new data stealing feature is usually not found in other Android Trojans.

How to stay protected from Android malware

Google advises that when you download any app from its App Store, be sure to enable Google Play Protect, which can scan the app for malware.

2. Always keep your Android device updated and install all security updates.

3. Remove all apps from your device that are not used often or are from untrusted sources.

4. Do Google’s security checkup at http://myaccount.google.com/security-checkup

5. Don’t download apps online from unknown websites as APK files.

6. Use antivirus software and scan your device from time to time.

In addition to this, the user should never download any application in a hurry. Always do your due diligence to find out who is behind the app. If you are unsure about it, don’t download at all. Ultimately, the user is responsible for verifying the application.