Android Malware News: Svpeng Manages to Spread Across 23 Countries
A new type of Android malware has reportedly been victimizing mobile banking customers in 23 countries.
The well-known malware, Svpeng, is at it again. This time, there is a new modification to the code that has been causing problems with those who are using mobile banking applications on their Android smartphones.
The said modification, which is named Trojan-Banker.AndroidOS.Svpeng.ae, reportedly comes in the form of a fake Flash player. It also works as a keylogger, which has the capability to steal a user's text input from various applications installed in the device, through its accessibility services.
Once the user is tricked into installing it and allowing it to use the device's accessibility services, the Trojan is also said to give itself permission to counteract any attempt to uninstall the malware.
While most banking applications do not allow users to take screenshots, Svpeng is said to have a way to get around this by exploiting the device's accessibility services. As reported by ZDNet, the malware can even go as far as to present users with fake login pages of various banks.
In a span of a week, it has attacked only a moderate number of users, but it has already spread across several countries, concentrating mostly in Germany, Turkey, France, Poland, and even Russia, according to According to SecureList.
The good news for Russia is that the malware will not work on Android devices running in the Russian language.
According to The Register, the Svpeng malicious software has been existing for four years now. Its creator was already caught and sent to jail back in 2015, but the malware has continued to evolve because of other cyber criminals who are tinkering with the code.
The best way for Android users to avoid becoming a victim of the Svpeng malware is by not downloading applications from unknown sources, as well as being extra careful when certain applications require absolute access to the device.