Express Computer
Home  »  News  »  New viruses prowling cyberspace to steal money, personal data: CERT-In

New viruses prowling cyberspace to steal money, personal data: CERT-In

0 550

Two social media-triggered spyware viruses – ‘virtual girlfriend’ and ‘panda banker’ – have creeped into the Indian cyberspace and can steal a user’s banking details and secret data once activated unknowingly, a cyber security advisory has said. The more notorious one is personal data stealing virus ‘virtual girlfriend’ that infects a user’s Android-based smartphone via popular social media site Twitter.

“There have been reports of a new Android malware family which is being spread disguised as an adult game known as virtual girlfriend through Twitter,” the Computer Emergency Response Team of India (CERT-In) said in a latest advisory. “This malware has the capability to steal the user’s data on to the C2 server (command and control server used by the virus),” it said.

CERT-In is the nodal agency to combat hacking, phishing and to fortify security-related defences of the Indian internet domain.

The advisory said that the “primary source of this malware is Twitter” and there are multiple handles (possibly bots) on this micro-blogging site that have been sharing the short link to this malware to entice users into installing it on their devices.

The agency said the malware cons the user by flashing a message that it is getting uninstalled, but instead, it hides its icon from the app (application) drawer and continues to run silently in the background.

It then steals the Android phone user’s mobile number, account detail, installed app list, contacts and SMSes, the advisory said. Once the classified information is compromised, the person becomes more vulnerable to cyber frauds that may lead to the user’s money being robbed rob and personal details such as photos and message content compromised, a cyber security expert said.

Similarly, the other spyware that has been noticed on the internet is the ‘panda banker’, a spin-off of the zeus banking trojan malware (a prominent hacking virus). “It leverages man-in the-browser or web inject attack techniques to steal user’s banking credentials,” the advisory said.

The malware, it said, generally spreads via unscrupulous attachments or via exploit kits (malicious snooping virus programmes) such as “ngler”, “nuclear” and “neutrino” exploit kits.

“Though, the prime-targeted sector of this malware is financial sector and crypto-currency sites, it also expands its attack in different organisation sectors like social networking sites, search, e-mail and adults sites,” it said. Once successfully installed, this virus starts analysing the victim’s system to get information such as name of anti-virus, computer name, spyware installed, username, local time, among others, and sends this data to the C2 server, it said.

The malware finally starts performing unauthorised, malicious activities like stealing the banking credentials, generating fraudulent transactions using automatic transfer system (ATS), web inject ,installing ransomware, crypto mining among others.

The CERT-In has suggested users to follow safe browsing practices along with deploying certain countermeasures to thwart the two viruses.

“Don’t open attachments in unsolicited e-mails, even if they come from people in your contact list and never click on a URL (universal resource locator) contained in an unsolicited e-mail, even if the link seems benign. In cases of genuine URLs close out the e-mail and go to the organisation’s website directly through browser,” the cyber security watchdog said.

It made a specific suggestion that prior to downloading or installing apps on android devices (even from Google play store), one should always review the app details, number of downloads, user reviews, comments and the additional information section there.

Users should also “enable” the two-factor authentication for their Google or other accounts and should use device encryption or encrypting external SD card, it said, adding one should avoid using unsecured, unknown Wi-Fi networks.

Get real time updates directly on you device, subscribe now.

Leave A Reply

Your email address will not be published.

LIVE Webinar

Digitize your HR practice with extensions to success factors

Join us for a virtual meeting on how organizations can use these extensions to not just provide a better experience to its’ employees, but also to significantly improve the efficiency of the HR processes
REGISTER NOW 

Stay updated with News, Trending Stories & Conferences with Express Computer
Follow us on Linkedin
India's Leading e-Governance Summit is here!!! Attend and Know more.
Register Now!
close-image
Attend Webinar & Enhance Your Organisation's Digital Experience.
Register Now
close-image
Enable A Truly Seamless & Secure Workplace.
Register Now
close-image
Attend Inida's Largest BFSI Technology Conclave!
Register Now
close-image
Know how to protect your company in digital era.
Register Now
close-image
Protect Your Critical Assets From Well-Organized Hackers
Register Now
close-image
Find Solutions to Maintain Productivity
Register Now
close-image
Live Webinar : Improve customer experience with Voice Bots
Register Now
close-image
Live Event: Technology Day- Kerala, E- Governance Champions Awards
Register Now
close-image
Virtual Conference : Learn to Automate complex Business Processes
Register Now
close-image