A nasty new Android spyware is keeping track of everything you do on your screen.
Users of Android smartphones and tablets have been warned about a new strain of spyware that monitors everything they do. Literally.
Android users are being cautioned about a sneaky malware infection dubbed “Vultur” by security specialists. This predatory new type of spyware, which is capable of recording everything that happens on your screen, deserves a moniker like this. That means everything from your logins and passwords to your entire internet history, bank account information, and even private text messages and social media activity are all kept track of.
Vultur is a banking trojan that takes a more complicated strategy than its counterparts. Vultur uses screen recording and key logging instead of overlays to fool visitors into filling in their account data, mistakingly believing they’re logging onto a reputable website.
So, while you’ll be logging into legitimate websites, such as your online banking and social media accounts, the spyware will be recording everything you tap on the screen and type. Yikes.
This is a more complex method that needs more time and effort from threat actors, as security experts at Threat Fabric noted in a blog post. The Vultur malware was first identified in late March, according to researchers, and it was disseminated via the well-known Brunhilda dropper network.
Droppers distributing the Vultur malware were discovered on a Google Play Store app that had been downloaded millions of times.
Protection Guard was the name of the software in question, and it claimed to help Android users secure the security of their banking and social accounts.
The Google Play Store has since taken it down.
“In late March 2021, ThreatFabric spotted a new RAT virus that we termed Vultur due to its full exposure on victims’ devices via VNC,” Threat Fabric said of the security danger. For the first time, we’ve seen an Android banking malware that uses screen recording and keylogging as its primary method of harvesting login credentials in a scalable and automated manner.
“The actors chose to avoid the conventional HTML overlay tactic used by previous Android banking Trojans: this approach normally necessitates more time and effort on the part of the actors in order to acquire relevant data from the user. Instead, they elected to just record what is displayed on the screen, achieving the same result.”Brinkwire Summary News”.