Hacking Cyber Security. Cyber criminals are becoming more adept, innovative, and stealthy with each passing day. They have now shifted from traditional to more clandestine techniques that come with limitless attack vectors and are harder to detect. Security researchers have discovered that one of the most dangerous Android banking Trojan families has now been modified to add a keylogger to its recent strain, giving attackers yet another way to steal victims sensitive data. Wh.jpg' alt='Eset Smart Security 6 Newer Version Itunes' title='Eset Smart Security 6 Newer Version Itunes' />Kaspersky Labs Senior malware analyst Roman Unuchek spotted a new variant of the well known Android banking Trojan, dubbed Svpeng, in the mid of last month with a new keylogger feature, which takes advantage of Androids Accessibility Services. Trojan Exploits Accessibility Services to Add Keylogger. Yes, the keylogger added in the new version of Svpeng takes advantage of Accessibility Services an Android feature that provides users alternative ways to interact with their smartphone devices. This change makes the Svpeng Trojan able not only to steal entered text from other apps installed on the device and log all keystrokes, but also to grant itself more permissions and rights to prevent victims from uninstalling the Trojan. In November last year, the Svpeng banking trojan infected over 3. Android devices across the world over the span of only two months with the help of Google Ad. Sense advertisements that was abused to spread the malicious banking Trojan. Over a month ago, researchers also discovered another attack taking advantage of Androids Accessibility Services, called Cloak and Dagger attack, which allows hackers to silently take full control of the infected devices and steal private data. If You Are Russian, You Are Safe Although the new variant of the Svpeng malware is not yet widely deployed, the malware has already hit users in 2. Russia, Germany, Turkey, Poland, and France. But whats worth noticing is that, even though most infected users are from Russia, the new variant of Svpeng Trojan doesnt perform malicious actions on those devices. According to Unuchek, after infecting the device, the Trojan first checks the devices language. If the language is Russian, the malware prevents further malicious tasksthis suggests the criminal group behind this malware is Russian, who are avoiding to violate Russian laws by hacking locals. How Svpeng Trojan Steals Your Money. Unuchek says the latest version of Svpeng he spotted in July was being distributed through malicious websites that disguised as a fake Flash Player. Cd Driver Testing Inc there. Once installed, as I have mentioned above, the malware first checks for the device language and, if the language is not Russian, asks the device to use Accessibility Services, which opens the infected device to a number of dangerous attacks. Eset Smart Security 6 Newer Version Itunes' title='Eset Smart Security 6 Newer Version Itunes' />With having access to Accessibility Services, the Trojan grants itself device administrator rights, displays an overlay on the top of legitimate apps, installs itself as a default SMS app, and grants itself some dynamic permissions, such as the ability to make calls, send and receive SMS, and read contacts. Additionally, using its newly gained administrative capabilities, the Trojan can block every attempt of victims to remove device administrator rightsthereby preventing the uninstallation of the malware. Using accessibility services, Svpeng gains access to the inner working of other apps on the device, allowing the Trojan to steal text entered on other apps and take screenshots every time the victim presses a button on the keyboard, and other available data. Some apps, mainly banking ones, do not allow screenshots to be taken when they are on top. In such cases, the Trojan has another option to steal data it draws its phishing window over the attacked app, Unuchek says. It is interesting that, in order to find out which app is on top, it uses accessibility services too. All the stolen information is then uploaded to the attackers command and control C C server. As part of his research, Unuchek said he managed to intercept an encrypted configuration file from the malwares C C server. Decrypting the file helped him find out some of the websites and apps that Svpeng targets, as well as help him obtain a URL with phishing pages for both the Pay. Pal and e. Bay mobile apps, along with links for banking apps from the United Kingdom, Germany, Turkey, Australia, France, Poland, and Singapore. Besides URLs, the file also allows the malware to receive various commands from the C C server, which includes sending SMS, collecting information such as contacts, installed apps and call logs, opening the malicious link, gathering all SMS from the device, and stealing incoming SMS. Lukas Stefanko, malware researcher at ESET, has shared a video given below with The Hacker News, demonstrating the working of this malware. Crack Video Studio 12'>Crack Video Studio 12. The Evolution of Svpeng Android Banking Malware. Researchers at Kaspersky Lab initially discovered the Svpeng Android banking malware trojan back in 2. Phishing. Back in 2. FBI because they visited sites containing pornography and demanded 5. The malware was among the first to begin attacking SMS banking, use phishing web pages to overlay other apps in an effort to steal banking credentials and to block devices and demand money. Learn What is mobile hacking Read more indepth articles about mobile hacking, deep web search engine, hacker news, the hacker news, kat cr, how to hack, best. The most frustrating thing about a phone addiction is that unlike actual substance abuse, the solution is not to stop using it completely. Instead, we have to find. Head Basketball v1. Mod 4,483 Assassins Creed Rebellion v1. In 2. 01. 6, cyber criminals were actively distributing Svpeng via Google Ad. Sense using a vulnerability in the Chrome web browser, and now abusing Accessibility Services, which possibly makes Svpeng the most dangerous mobile banking malware family to date that can steal almost anythingfrom your Facebook credentials to your credit cards and bank accounts. How to Protect Your Smartphone From Hackers. With just Accessibility Services, this banking Trojan gains all necessary permissions and rights to steal lots of data from the infected devices. The malicious techniques of the Svpeng malware even work on fully updated Android devices with the latest Android version and all security updates installed, so it is little users can do in order to protect themselves. There are standard protection measures you need to follow to remain unaffected Always stick to trusted sources, like Google Play Store and the Apple App Store, but only from trusted and verified developers. Most importantly, verify app permissions before installing apps. If any app is asking more than what it is meant for, just do not install it. Do not download apps from third party sources, as most often such malware spreads via untrusted third parties. Avoid unknown and unsecured Wi Fi hotspots and Keep your Wi Fi turned OFF when not in use. Never click on links provided in an SMS, MMS or email. Even if the email looks legit, go directly to the website of origin and verify any possible updates. Install a good antivirus app that can detect and block such malware before it can infect your device, and always keep the app up to date.