Snowblind Malware That can steal Bank Data from Android

The advent of mobile banking has brought unparalleled convenience, yet it also introduces a growing security challenge. A newly identified malware named ‘Snowblind’ specifically targets Android users, aiming to pilfer banking credentials.

Snowblind, a malicious software discovered by cybersecurity firm Promon, specializes in infiltrating Android devices to extract sensitive banking information. This malware covertly captures banking login details and executes unauthorized transactions.

Typically, users inadvertently download the malware disguised within seemingly legitimate applications. According to Vidar Krey, VP of Engineering at Promon, Snowblind reconfigures apps to evade detection, exploiting accessibility features to surreptitiously collect sensitive data and remotely manipulate apps. “We suspect these applications have likely spread beyond official app stores, often through social engineering tactics—a persistent and widely recognized method of deceiving less tech-savvy users,” Mr. Krey informed PCMag.

Unlike conventional Android threats, Snowblind sidesteps built-in security measures by exploiting a feature in the Linux kernel called “seccomp,” designed to thwart unauthorized alterations. By injecting code before seccomp activates, Snowblind circumvents security checks and employs accessibility services to monitor screens, facilitating the theft of login credentials and interception of banking app sessions. This capability allows Snowblind to disable biometric and two-factor authentication (2FA), heightening the risk of fraud and identity theft. Operating discreetly in the background, the malware can go unnoticed by users.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest Articles

Sign Up for CXO Digital Pulse Newsletters

Sign Up for CXO Digital Pulse Newsletters to Download the Research Report

Sign Up for CXO Digital Pulse Newsletters to Download the Coffee Table Book

Sign Up for CXO Digital Pulse Newsletters to Download the Vision 2023 Research Report

Download 8 Key Insights for Manufacturing for 2023 Report

Sign Up for CISO Handbook 2023

Download India’s Cybersecurity Outlook 2023 Report

Unlock Exclusive Insights: Access the article

Download CIO VISION 2024 Report