Svpeng, the Trojan that threatens even the updated Android

[OyaYansa]

Bad news for Android users. A new mobile banking trojan known as Svpeng has been discovered in the last few hours. The peculiarity of this new virus is that it incorporates keylogger functionalities, an asocidad technique with actors of directed threats, stealing banking data and defending of attempts to be uninstalled.

As if this were not enough, the Trojan Svpeng is operating on terminals that have all their software updated, according to the alert launched from Kapersky Lab.

Accessibility services often take the form of interface improvements (UI) to support users with some functional diversity or also for those who temporarily can not interact with a device, for example, that they are driving

Last June, Kaspersky Lab researchers discovered that the Svpeng Trojan had evolved to exploit the features of this system, and was able to steal the text entered in the device from other applications, while taking other rights Additional.

The Svpeng Trojan is distributed through malicious web pages posing as a fake flash replay app. Once it has been activated on the Android terminals, it requests permission to use the accessibility services (which the user grants without realizing it is a threat). In this way you have access to the interface improvements of the rest of installed applications as well as make screen captures every time keys are entered through the keyboard. For applications that do not allow an image of the screen, such as banking, this Trojan draws an'phishing 'window on the application.

Also, Svpeng can also be installed as the default SMS application, send and receive SMS, make calls, read contacts and block any attempt to remove the device management rights, thus avoiding its uninstallation.

Trojan techniques work even on fully updated devices, which feature the latest version of Android OS and all day-to-day security updates. This means that keeping the device software up to date is not enough to be protected against this Trojan while the methods of data theft evolve surprisingly in regards to mobile banking malware.