Customers are being warned by banks like SBI, PNB, and Canara Bank about SOVA VIRUS

[{"selector":"#anim-9d8f9b2b-a931-44d6-b85e-81a97a8960c9 [data-leaf-element=\"true\"]","keyframes":{"transform":["translate(-0.470367418411681%, 2.733316014845931e-7%) scale(0.9009009009009009)","translate(0%, 0%) scale(1)"]},"delay":0,"duration":3000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"forwards"}] According to the SBI tweet, SOVA is an Android banking trojan malware that targets banking apps to steal personal information.

[{"selector":"#anim-099dbdd2-13ff-4998-a13a-009fa6d2b2f3 [data-leaf-element=\"true\"]","keyframes":{"transform":["translate(-0.470367418411681%, 2.733316014845931e-7%) scale(0.9009009009009009)","translate(0%, 0%) scale(1)"]},"delay":0,"duration":3000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"forwards"}] This malware captures the credentials when users log into their net-banking apps and access bank accounts.

[{"selector":"#anim-c33dfccf-a3c5-4d1a-8bad-df0d6c712454 [data-leaf-element=\"true\"]","keyframes":{"transform":["translate(-0.470367418411681%, 2.733316014845931e-7%) scale(0.9009009009009009)","translate(0%, 0%) scale(1)"]},"delay":0,"duration":3000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"forwards"}] According to the PNB website note on SOVA Trojan, “the malware is distributed via smishing (phishing via SMS) attacks, like most Android banking Trojans.

[{"selector":"#anim-33fb3c82-d3f3-440a-8913-6eba55f64b68 [data-leaf-element=\"true\"]","keyframes":{"transform":["translate(-0.470367418411681%, 2.733316014845931e-7%) scale(0.9009009009009009)","translate(0%, 0%) scale(1)"]},"delay":0,"duration":3000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"forwards"}] Once the fake android application is installed on the phone, it sends the list of all applications installed on the device to the C2 (Command and Control server) controlled by the threat actor in order to obtain the list of targeted applications.

[{"selector":"#anim-e721a0fb-7f1f-4d24-845c-3a2039bba784 [data-leaf-element=\"true\"]","keyframes":{"transform":["translate(-0.470367418411681%, 2.733316014845931e-7%) scale(0.9009009009009009)","translate(0%, 0%) scale(1)"]},"delay":0,"duration":3000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"forwards"}] At this point, the C2 sends back to the malware the list of addresses for each targeted application and stores this information inside an XML file.

[{"selector":"#anim-500a7e1a-ab39-4e75-8948-110b4d9c634c [data-leaf-element=\"true\"]","keyframes":{"transform":["translate(-0.470367418411681%, 2.733316014845931e-7%) scale(0.9009009009009009)","translate(0%, 0%) scale(1)"]},"delay":0,"duration":3000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"forwards"}] What is the malware capable of performing? The malware is capable to perform the following functions, according to the PNB website: collect keystrokes steal cookies intercept multi-factor authentication (MFA) tokens take screenshots and record video from a webcam perform gestures like screen click, swipe etc. using android accessibility service copy/paste ·adding false overlays to a range of apps ·mimic over 200 banking and payment applicat io ns

[{"selector":"#anim-210ae81e-6326-4092-8bc2-942f9bbd3fd7 [data-leaf-element=\"true\"]","keyframes":{"transform":["translate(-0.470367418411681%, 2.733316014845931e-7%) scale(0.9009009009009009)","translate(0%, 0%) scale(1)"]},"delay":0,"duration":3000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"forwards"}] Canara Bank also warned its customers about SOVA Android Trojan, and asked its customers to report to hoisg@canarabank.com or cisco@canarabank.com in case of any incidents.

Other stories

[{"selector":"#anim-fb256f8a-9e42-4b42-bdcf-fd90be663a4b","keyframes":{"opacity":[0,1]},"delay":400,"duration":1600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-8edb0b06-106e-4385-8040-491c00791f51","keyframes":{"transform":["translate3d(-148.46153%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":400,"duration":1600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-425dbc56-eb2c-4d87-b18c-2cb8f5578960","keyframes":{"opacity":[0,1]},"delay":800,"duration":1600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-dcc1be76-f20f-437e-8d94-87ab3969fa80","keyframes":{"transform":["translate3d(149.23076%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":800,"duration":1600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-4db54b4b-50ca-4d3b-a200-62db0b27e8db","keyframes":{"opacity":[0,1]},"delay":1200,"duration":1600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-089d9a7d-35ee-44a5-b803-e909785d1591","keyframes":{"transform":["translate3d(-148.46153%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":1200,"duration":1600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-63ec8ffd-4ae9-4a21-8da4-f45cd10efabe","keyframes":{"opacity":[0,1]},"delay":500,"duration":1000,"easing":"cubic-bezier(0.4, 0.4, 0.0, 1)","fill":"both"}] [{"selector":"#anim-251e0f0e-2e3c-4b6a-9ce7-7d7af0f6172b","keyframes":{"opacity":[0,1]},"delay":900,"duration":1000,"easing":"cubic-bezier(0.4, 0.4, 0.0, 1)","fill":"both"}] [{"selector":"#anim-a218a32c-43e3-44cf-9739-12ec7f7a7e2c","keyframes":{"opacity":[0,1]},"delay":1300,"duration":1000,"easing":"cubic-bezier(0.4, 0.4, 0.0, 1)","fill":"both"}] [{"selector":"#anim-a1635f47-5927-4d95-b7c8-4298234e6b6e","keyframes":{"opacity":[0,1]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-afeb792c-c2dd-481a-8f1c-549856980e15","keyframes":{"transform":["rotate(20deg) translate3d(44.33333%, 0px, 0) rotate(-20deg)","rotate(20deg) translate3d(0px, 0px, 0) rotate(-20deg)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] Best apps for power lifters Learn how to do a squat correctly Top 5 muscle building apps