Cleafy researchers announced they discovered something new banking malware It is currently intensifying in many European countries. malware tea robot It is now particularly common in Spain, Germany, Italy, Belgium and the Netherlands, but researchers say:appears to still be in active development. We also note thatIncludes six languages including FrenchConcretely, once installed, the malware interacts with accessibility services, providing hackers with a live view of what is being displayed on the screen.
Teabot also lets you: Collect identifiers of approximately sixty banks based in Europetogether Read single-use dual authentication codes received via SMS. It’s an identity verification method that all banks on the continent must abandon by 2022. From there, cybercriminals can take control of your bank account and remove money from it without your knowledge. Initially, Teabot appeared to be a pirated IPTV app called TeaTV. The malware has since been hidden in fake applications known as “VLC MediaPlayer”, “DHL”, “UPS” and even Bpost.
Android Teabot malware has already been translated into French, be careful…
Cleafy researchers explain: “Once the malicious app is downloaded onto the device, it attempts to install itself as an ‘Android service’, a system service that allows it to run long-term operations in the background. This functionality is manipulated by Teabot to hide itself, which allows it to avoid detection once installed and therefore maintain its persistence on the smartphone..
Malware asks during installation Various dangerous permissions to observe your actions, retrieve window contents and perform random movements. The application in which the malware hides is often non-functional. Once the malware is installed, nothing seems to happen and the icon completely disappears from the smartphone, even though the program actually starts doing evil in the background.
As always, we highly recommend Never download apps from outside Play StoreIf you accidentally installed this malware, it is strongly recommended to restore the smartphone to factory settings and only restore backups from before the malware was installed.
Credit: ZDNet
