Delhi, October 22: With the rise of technology, hackers use many types of viruses to trick people. Phishing messages are used to download these viruses to people’s phones. Banks are now allowing their customers to use one such virus, SOVA, which can stealthily encrypt an Android phone for ransom and is difficult to uninstall.
SOVA reportedly targeted over 200 mobile banking and crypto apps. This virus steals login credentials and cookies from the application. This malware was first detected in September 2021. SOVA Trojan virus: new mobile banking virus for Android phone lurking in Indian cyberspace
SBI alerts its customers to the SOVA virus:
Don’t let malware steal your valuable assets. Always download trusted apps from trusted sources only. Stay alert and #SafeWithSBI#SBI #AmritMahotsav #Cybersecurity #Cyber security #StayVigilant #Be careful pic.twitter.com/NwAfUle36V
— State Bank of India (@TheOfficialSBI) September 22, 2022
What is the SOVA virus?
SOVA is an Android banking Trojan malware that targets banking apps to steal personal information. It adds miscarriages to apps. These layers help the malware copy the payment application. This malware was first discovered in September 2021.
The malware records user information when they access their account through online banking applications and log in. Once installed, there is no way to remove this app. Hackers reportedly slipped ‘Silver Sparrow’ malware into 30,000 Apple Macs
How does this malware work?
Sova Trojan malware is delivered to users’ devices via phishing text messages. The latest version of this malware hides in fake Android apps which appear with logo of some famous legit apps like Chrome, Amazon, NFT (non-fungible cryptocurrency token) to trick users into installing them .
Simply put, this malware gets installed in your phone via phishing text messages. After installation, this Trojan sends details of apps present on your phone to hackers.
Although SOVA malware is a banking trojan, it has other harmful features such as keylogging, DDoS attacks, overlay attacks, notification manipulation etc. Security researchers have also found a rare feature in the malware that allows the SOVA malware to steal session cookies. This feature allows the malware to connect to bank accounts without the user’s username and password.
The virus can collect keystrokes, steal cookies, intercept multi-factor authentication (MFA) tokens, take screenshots and record video from a webcam and can perform gestures such as clicking the screen, swipe, etc. using the Android Accessibility Service, which makes it deadly.
(The story above first appeared on LatestLY on October 22, 2022 at 10:53 a.m. IST. For more news and updates on politics, world, sports, entertainment and fashion of life, log on to our website latestly.com).
