Android users are pretty used to endless warnings about their phones but experts have just discovered a new bug that sounds truly terrifying. The latest attack for Android fans to be aware of – called ‘Escobar’ – is fully capable of taking complete control of bank accounts with it even able to steal multi-factor authentication data.
That’s pretty scary as, if you weren’t already aware, these unique codes are often sent to devices when someone tries to log into platforms such as an email account or online banking services to help keep them secure.
In the wrong hands, it’s easy to see how they could then be used to steal money and perform transactions without the owner’s permission.
Although ‘Escobar’ is new, this isn’t the first time this type of banking trojan has been spotted in the wild.
Back in 2021, the Aberebot Android bug caused similar mayhem but what makes ‘Escobar’ scarier is that it’s now more advanced with it able to infect devices, record audio, snap screenshots and steal those vital security codes.
So how does it get on your phone in the first place?
Unlike most Android threats – which are usually downloaded via fake apps on the Play Store – ‘Escobar’ appears to target users via APK files installed from the web.
One infected download was found to mimic an app that was supposedly from security firm McAfee.
According to the team at Bleeping computer, ‘Escobar’ has so far targeted customers from 190 financial institutions in 18 different countries.
It’s currently unclear how many Android devices have been infected with this new bug but it’s definitely worth being aware of what it can do as you may find less money in your bank account if you become a victim.
One way to avoid being targeted is to steer clear of any downloads that don’t come from an official source.
It’s also never a good idea to install anything that’s sent to you via an email or text message as this is how cyber thieves often spread their malware.
If you think you may have already installed ‘Escobar’ then it’s advised to delete the infected file and perform a full factory reset of your device.