Trojan targeting users of USA, Russia and Spain has added India in its target base.
Federal cybersecurity agency of India has reported that the banking ‘Trojan’ virus — SOVA — which can stealthily encrypt an Android phone for ransom and is hard to uninstall is targeting Indian customers.
The latest version of this malware, according to the advisory, hides itself within fake Android applications that show up with the logo of a few famous legitimate apps like Chrome, Amazon, NFT (non-fungible token linked to crypto currency) platform to deceive users into installing them.
The agency said the malware is distributed via smishing (phishing via SMS) attacks, like most Android banking Trojans. Once the fake android application is installed on the phone, it sends the list of all applications installed on the device to the C2 [command and control server] controlled by the threat actor in order to obtain the list of targeted applications.
NPAV recommends users to stop downloading mobile applications from third-party insecure app stores and refrain from interacting with untrusted SMS and links.
Use NPAV and join us on a mission to secure the cyber world.