1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • This dangerous new malware now also packs ransomware to lock your

    From TechnologyDaily@1337:1/100 to All on Tue Aug 16 20:30:23 2022
    This dangerous new malware now also packs ransomware to lock your Android phone

    Date:
    Tue, 16 Aug 2022 19:09:20 +0000

    Description:
    Fifth version of the SOVA trojan comes with ransomware capabilities, researchers warn.

    FULL STORY ======================================================================

    A new strain of dangerous ransomware has evolved to target Android devices, researchers are warning.

    Experts from Cleafy have analyzed the fifth and latest version of the popular Android banking trojan SOVA, and discovered multiple new features, including the ability to encrypt locally stored files.

    According to the researchers, the malware uses AES encryption to add the .enc extension to all files and prevent the user from accessing them. Developing the trojan

    "The ransomware feature is quite interesting as it's still not a common one
    in the Android banking trojans landscape. It strongly leverages on the opportunity arises in recent years, as mobile devices became for most people the central storage for personal and business data," Cleafy says.

    The fifth version of the trojan is not fully developed, the researchers
    added, but warned it is nevertheless ready for mass deployment.

    SOVAs owners have been aggressively developing their product for the past couple of months. So far this year, the tool has seen numerous new tools introduced, including two-factor authentication interception, as well as new injections for multiple global banks. It has also seen virtual network computing (VNC) capabilities for on-device fraud. This feature, however,
    still seems to be under construction. Read more

    Ransomware attacks are on the rise, so make sure your business is protected


    Ransomware is more of a threat to businesses than ever before


    Keep your business safe with the best endpoint protection

    SOVA is currently capable of targeting more than 200 banks worldwide, as well as numerous cryptocurrency exchanges, and digital wallets. It is capable of taking screenshots, performing taps and swipes, stealing files from compromised endpoints, and adding overlay screens for various apps. It can also steal cookies froM Gmail, Gpay, as well as Google Password Manager.

    So far, ransomware was only reserved for desktop devices and servers, as its operators were mostly interested in targeting companies and corporations. It seems as the threat actors are looking to diversify, as businesses get better at protecting their premises and keeping airgapped backups. Here's what we think are the best Android phones you can buy today

    Via: BleepingComputer



    ======================================================================
    Link to news story: https://www.techradar.com/news/this-dangerous-new-malware-now-also-packs-ranso mware-to-lock-your-android-phone/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)