There is a new kind of malware in circulation that tries to gain access to your bank account, reports Kassa, BNNVARA's consumer platform. The malware, called "Antidot," was discovered last month by cybersecurity company Cyble, which warned about it in a blog post.
The malware targets Android phone users and poses as an update to the Google Play app. To spread it, the cybercriminals use phishing: you receive an email or text message that appears to come from Google, asking you to update Google Play.
When you click on the link, you are directed to a file to download. The download takes place outside the Google Play Store: what you get is not a Google Play update but the Antidot malware. After installing it, you are presented with a new screen that asks you to give the "app" access to your phone.
When you accept this, the cybercriminals gain control of your phone through the malware. Then they can do a lot of damage.
Kassa reports that the malware is available in several languages. It has reportedly already been spotted in English, German, Spanish, French, Portuguese, Romanian and Russian, but not yet in Dutch. However, according to Kassa, this cannot be ruled out in the future.
The Antidot malware is very sophisticated and capable of a great deal. Antidot maintains communication with its Command & Control (C&C) server via WebSocket, which allows live communication between the malware and the hackers' server and the execution of commands.
Once you have installed the malware and granted it access to your phone, it can remotely lock your device and control the camera. It can read and intercept your contacts and text messages, as well as forward incoming phone traffic.
Even worse: Antidot can record keystrokes, allowing it to read along as you enter passwords and login information. This, of course, can do a lot of damage, such as when you do online banking or make purchases with your credit card.
Moreover, Antidot can find out which bank you are with and create fake login pages based on it. If you open your bank's app, you may see a phishing page that is a copy of your bank's app. If you log in there, your data will end up with the hacker (who may already have it via the keylogger that records your keystrokes).
To avoid becoming a victim of this Antidot malware, or other malware spread in a similar way, it is important that you are aware of various phishing techniques. In our extensive article, you can read what phishing is and how to defend yourself against it.
For example, don't just click on links in emails and text messages, and make sure you download files or apps from trustworthy websites and platforms. In addition, you can prevent a lot of trouble with a good virus scanner on your phone.