New malware threatens mobile banking users

mobile phones, 25.09.2024, 11:00 AM

Security researchers from the company ThreatFabric have discovered a new, advanced variant of the Octo malware, called “Octo2”, which seriously threatens mobile banking users around the world.

According to ThreatFabric analysts, the Octo malware has been one of the most widespread mobile threats in recent years.

Octo2 has gained several sophisticated functions aimed at improving remote access and making the malware harder for security systems to detect.

ThreatFabric researchers noted that this variant optimizes data transfer, significantly reducing latency during remote control sessions even under poor network conditions.

Octo2 has already been spotted in targeted campaigns in several European countries, including Italy, Poland, Moldova and Hungary.

Cybercriminals disguise Octo2 as legitimate applications such as Google Chrome and NordVPN.

The malware intercepts push notifications from selected apps, indicating that these apps are of interest to its operators.

“The appearance of this Octo2 variant represents a significant evolution in mobile malware, especially in the context of banking security,” ThreatFabric said, commenting on the new malware features.

According to company analysts, Octo2's improved features and the widespread availability of its predecessor's source code mean it will remain a significant player in the mobile malware world, alongside older variants derived from the leaked source code.

“As this threat continues to evolve, both users and financial institutions must remain proactive, and apply strict security measures, continuously updating defenses to mitigate the increased risk,” ThreatFabric concluded.


Source: www.informacija.rs