What You Need to Know About Android Banking Malware

We don’t often talk about mobile malware, but that doesn’t make it any less scary! An Android banking malware called Sova has once again been making the rounds, this time complete with additional features that make it scarier than the last time. What can you do to protect yourself from this threat?

Some Background Information on Sova

Sova is an Android banking trojan that is used to provide back-end access for other threats later on. It was initially developed and released in September of 2021, with the developer stating that it was not yet complete. Even in this state, it was able to harvest usernames and passwords through keylogging, cookie theft, and false overlays of popular apps.

Now, Sova is even more dangerous and can deliver ransomware to its victims, in addition to its newfound features. It can mimic over 200 banking and payment applications and can target your cryptocurrency wallets, too. Sova can also take screenshots of infected devices and record audio through an infected microphone.

It’s safe to say that Sova is an even greater threat than before.

Security researchers at Cleafy state, “The ransomware feature is quite interesting as it’s still not a common one in the Android banking trojans landscape. It strongly leverages on the opportunity arises in recent years, as mobile devices became for most people the central storage for personal and business data.”

Sova is also notable in that it can circumvent the efforts of your multi-factor authentication protocols. It can intercept the MFA tokens and steal data even if you have taken the recommended action to implement MFA for your business.

How to Protect Yourself

Sova and other types of Android malware tend to spread through fraudulent applications on the Google Play store, an applications hub for Android users. If a user unsuspectingly downloads an application infected by Sova, they could contract the malware and be in for a world of danger. We always urge users to download apps only from trusted and reputable publishers. Furthermore, you should only be downloading apps from first-party app stores rather than third-party ones, and be sure to read reviews and read the description before pulling the trigger.

SRS Networks can help you manage your employees’ devices through mobile device management tools. These robust enterprise solutions offer whitelisting and blacklisting of apps, remote wiping, and so much more, all in the attempt to mitigate the security risks associated with mobile devices on your company network.

To learn more, reach out to us at (831) 758-3636.

Leave a comment

Your email address will not be published. Required fields are marked *