Among the affected apps are Revolut, PayPal, and TransferWise.
A group of researchers belonging to a security company called Cybereason claims to have found new malicious software (‘ malware ‘) on Android devices. It is a ‘ trojan ‘ and is known as an EventBot, being able to gather data from bank apps, money transfers, or cryptocurrencies.
Researchers point out that this ‘ trojan ‘, in addition to being able to gather financial data from apps like Barclays, Revolut, Paypal, and Transferwise, is also capable of intercepting messages, allowing it to bypass security measures like two- factor authentication.
The Cybereason points out that the EventBot is still in the early development and is not on ‘loose’ in the official Google store but warn that could be “the next big ‘ mobile malware ‘ pointing to a ” high level of sophistication ” in the code. At the moment the advice is that Android smartphone users get their updates and apps from trusted and protected stores only.
“By accessing and stealing data, EventBot has the potential to access critical company data, including financial information. This ‘ Mobile Malware ‘ is a serious issue and a significant risk for both organizations and people “, said the head of the research division of Cybereason, Assaf Dahan.