Android users are being warned about a dangerous new piece of malware that is targeting Google-powered smartphones. The MailBot malware was only discovered for the first time last month, but it’s already rising up the ranks of the most dangerous threats Android and Google Pixel users are facing. A new study from security experts Check Point has revealed in the space of just one month MailBot has become the third-most widespread bug.
This malware is capable of stealing passwords, bank details and data from cryptocurrency wallets. It can also bypass two-factor authentication (2FA), which is especially worrying for those that have enabled this thinking it will keep the safe. Two-factor authentication should make sure accounts can only be accessed once a unique code has been sent to the user but MailBot has found a way of hijacking this system leaving users more vulnerable to attack.
If all of this wasn’t enough. MailBot can also access text messages, steal cookies from victims’ web browsers and also take screen captures from infected Android devices.
To help this malware spread even further MailBot can also take over Android’s SMS function to send malicious texts to a victim’s contacts. Hackers know that if a message comes from a “friend” it’s far more likely that a victim will trust and download anything attached.
MailBot has spread far and wide after co-ordinated action helped take down the similar FluBot malware in May.
FluBot was also capable of stealing passwords, bank details and using a victim’s contacts to spread the malware even further.
Speaking about this new Android threat, researchers at Check Point said: “While it’s always good to see law enforcement successful in bringing down cybercrime groups or malwares like FluBot, sadly it didn’t take long for a new mobile malware to take its place. Cybercriminals are well aware of the central role that mobile devices play in many peoples’ lives and are always adapting and improving their tactics to match. The threat landscape is evolving rapidly, and mobile malware is a significant danger for both personal and enterprise security. It’s never been more important to have a robust mobile threat prevention solution in place.”
The only pieces of malware that were more widespread on Android than MailBot was AlienBot and Anubis.
AlienBot – the most widely circulated piece of Android malware in June – is the name of a family of viruses which opens the door to remote attacks that compromise financial apps and can completely take control of a device.
Anubis, meanwhile, is a banking trojan designed for Android which has been found on hundreds of different apps on the Google Play Store.
This malware is capable of keylogging, record audio covertly as well as being capable of ransomware attacks.