Android Banking Malware Octo Allows Remote Control on Infected Devices

April 11, 2022

A banking trojan named Octo, which targets banks and financial institutions, has been discovered in apps downloaded from the Google Play Store. It is thought to have been downloaded more than 50,000 times.

Described as a new version of an Android malware that emerged in 2018, Octo allows threat actors to remotely access mobile devices.

Thousands of Android Devices Could Be Compromised By Octo

The most crucial feature of Octo is that it offers a comprehensive remote access module. The malware, which can perform many operations on the victim’s device without being noticed, can also follow all the actions on the infected device.

Octo can access other apps on the infected device. (Source: ThreatFabric)

Remote access trojans have become more common lately. Embedded in a trusted application, this malware allows easy access to all logged-in accounts and sensitive data. For this reason, it bypasses protection methods such as multi-factor authentication.

Embedded in Trusted Apps

Threat actors re-release the malware by installing the “.apk” files they download from unofficial application sites. This gives them the opportunity to infect tens of thousands of devices.

SOCRadar Phishing Detection & Mitigation module protects you against malware that impersonates well-known applications.

Android apps containing Octo malware are thought to be:

  • Pocket Screencaster
  • Fast Cleaner
  • Play Store
  • Postbank Security
  • BAWAG PSK Security
  • Play Store app install

SOCRadar Can Help You Protect Against Banking Malware like Octo

Malware is known to cause millions of dollars of damage by accessing the bank accounts of individuals and companies. To avoid such attacks, it is necessary to download mobile applications only from reliable sources. It is also important to be careful when deciding what data applications will be allowed to access.

Apart from awareness-based measures, having a robust and reliable cyber intelligence system strengthens your security posture. SOCRadar’s Threat Intelligence Feed module enables cybersecurity teams to get in-depth and contextual data. With the Botnet & Malware feed, you will be aware of potential threats before they happen.
