Firstpost
  • Home
  • Video Shows
    Vantage Firstpost America Firstpost Africa First Sports
  • World
    US News
  • Explainers
  • News
    India Opinion Cricket Tech Entertainment Sports Health Photostories
  • Asia Cup 2025
Apple Incorporated Modi ji Justin Trudeau Trending

Sections

  • Home
  • Live TV
  • Videos
  • Shows
  • World
  • India
  • Explainers
  • Opinion
  • Sports
  • Cricket
  • Health
  • Tech/Auto
  • Entertainment
  • Web Stories
  • Business
  • Impact Shorts

Shows

  • Vantage
  • Firstpost America
  • Firstpost Africa
  • First Sports
  • Fast and Factual
  • Between The Lines
  • Flashback
  • Live TV

Events

  • Raisina Dialogue
  • Independence Day
  • Champions Trophy
  • Delhi Elections 2025
  • Budget 2025
  • US Elections 2024
  • Firstpost Defence Summit
Trending:
  • Charlie Kirk shot dead
  • Nepal protests
  • Russia-Poland tension
  • Israeli strikes in Qatar
  • Larry Ellison
  • Apple event
  • Sunjay Kapur inheritance row
fp-logo
New Android malware called 'MysteryBot' can steal your bank details and encrypt files
Whatsapp Facebook Twitter
Whatsapp Facebook Twitter
Apple Incorporated Modi ji Justin Trudeau Trending

Sections

  • Home
  • Live TV
  • Videos
  • Shows
  • World
  • India
  • Explainers
  • Opinion
  • Sports
  • Cricket
  • Health
  • Tech/Auto
  • Entertainment
  • Web Stories
  • Business
  • Impact Shorts

Shows

  • Vantage
  • Firstpost America
  • Firstpost Africa
  • First Sports
  • Fast and Factual
  • Between The Lines
  • Flashback
  • Live TV

Events

  • Raisina Dialogue
  • Independence Day
  • Champions Trophy
  • Delhi Elections 2025
  • Budget 2025
  • US Elections 2024
  • Firstpost Defence Summit

New Android malware called 'MysteryBot' can steal your bank details and encrypt files

tech2 News Staff • June 19, 2018, 09:02:39 IST
Whatsapp Facebook Twitter

MysteryBot has commands which can steal your emails and remotely start app.

Advertisement
Subscribe Join Us
Choose
Firstpost on Google
Choose
Firstpost on Google
New Android malware called 'MysteryBot' can steal your bank details and encrypt files

A new type of Android malware called MysteryBot has been found which combines a ransomware, a keylogger and a banking trojan on your smartphone. This malware is said to feature capabilities such as getting contacts and messages saved on a device, manipulate banking apps and also register keystrokes. [caption id=“attachment_3988473” align=“alignleft” width=“380”]Image: Uncalno Tekno Image: Uncalno Tekno[/caption] This new vulnerability, which was found out by ThreatFabric, is quite similar to the malware LokiBot. This is because both MysteryBot and LokiBot are currently running on the same command and control server. This, in turn, means that both the malware could have been made by the same attacker, as per the blog post. However, MysteryBot has some more threats as compared to LokiBot. For one, MysteryBot has commands which can steal your emails and remotely start apps and its main targets are users who are on Android 7.0 and Android 8.0. More importantly, the malware has a secret code which can overlay a duplicate screen on banking apps, tricking you into putting your credentials into the fake screen. These credentials are then sent to a remote server controlled by the attacker. As per the blog post, there are several banks which are being targetted such as IDBI, HDFC, HSBC, ICICI, SBI and more. The malware also has a keylogger, which is a kind of surveillance software having the capability to record every keystroke made on that system. A keylogger can record instant messages, email, and capture any information you type at any time using your keyboard. But ThreatFabric believes that the keystroke function in the malware is not fully operational.“The code for this the keylogger seems to still be under development as there is no method yet to send the logs to the C2 server,” said the blog post. There are also **Ransomware** capabilities in the malware, allowing the MysteryBot to encrypt files on your device’s external storage. “The encryption process puts each file in an individual ZIP archive that is password protected, the password is the same for all ZIP archives and is generated during runtime. When the encryption process is completed, the user is greeted with a dialogue accusing the victim of having watched pornographic material,” said the blog post. MysteryBot is also capable of manipulating a service permission called as ‘Package Usage Stats’. This allows the trojan to change app permissions without the user’s consent. Since MysteryBot is still under development, it doesn’t look like the malware is widespread. However, as a safety measure do not install apps from unverified sources.

Tags
NewsTracker Trojan Ransomware Android 7.0 Keylogger Android 8.0 MysteryBot
  • Home
  • Tech
  • News & Analysis
  • New Android malware called 'MysteryBot' can steal your bank details and encrypt files
End of Article
Latest News
Find us on YouTube
Subscribe
  • Home
  • Tech
  • News & Analysis
  • New Android malware called 'MysteryBot' can steal your bank details and encrypt files
End of Article

Top Stories

US ready to ‘impose costs’ on Russia if war in Ukraine drags on, says Hegseth

US ready to ‘impose costs’ on Russia if war in Ukraine drags on, says Hegseth

US tells Hamas to stop violence against Gaza civilians and disarm 'without delay'

US tells Hamas to stop violence against Gaza civilians and disarm 'without delay'

China seizes 60,000 maps mislabelling Taiwan, omitting South China Sea islands

China seizes 60,000 maps mislabelling Taiwan, omitting South China Sea islands

Syria’s Sharaa pledges to honor Russia ties, seeks economic and military support in Kremlin visit

Syria’s Sharaa pledges to honor Russia ties, seeks economic and military support in Kremlin visit

US ready to ‘impose costs’ on Russia if war in Ukraine drags on, says Hegseth

US ready to ‘impose costs’ on Russia if war in Ukraine drags on, says Hegseth

US tells Hamas to stop violence against Gaza civilians and disarm 'without delay'

US tells Hamas to stop violence against Gaza civilians and disarm 'without delay'

China seizes 60,000 maps mislabelling Taiwan, omitting South China Sea islands

China seizes 60,000 maps mislabelling Taiwan, omitting South China Sea islands

Syria’s Sharaa pledges to honor Russia ties, seeks economic and military support in Kremlin visit

Syria’s Sharaa pledges to honor Russia ties, seeks economic and military support in Kremlin visit

Top Shows

Vantage Firstpost America Firstpost Africa First Sports
Enjoying the news?

Get the latest stories delivered straight to your inbox.

Subscribe
Latest News About Firstpost
Most Searched Categories
  • Web Stories
  • World
  • India
  • Explainers
  • Opinion
  • Sports
  • Cricket
  • Tech/Auto
  • Entertainment
  • IPL 2025
NETWORK18 SITES
  • News18
  • Money Control
  • CNBC TV18
  • Forbes India
  • Advertise with us
  • Sitemap
Firstpost Logo

is on YouTube

Subscribe Now

Copyright @ 2024. Firstpost - All Rights Reserved

About Us Contact Us Privacy Policy Cookie Policy Terms Of Use
Home Video Shorts Live TV