Cybereason Discovers Mobile Device Malware Targeting the Users of Popular Financial Banking Apps in EMEA and U.S.

Cybereason, creators of the award-winning Cyber Defense Platform today, unveiled new research from its Nocturnus Research team, titled 'EventBot: A New Mobile Banking Trojan is Born,' an investigation into new Android mobile malware targeting users of more than 200 financial apps, including banking, money transfer services and crypto-currency wallets. EventBot is targeting the users in countries across Europe and the United States.

EventBot is a new type of Android mobile malware that Cybereason has been investigating since March 2020. EventBot abuses Android’s accessibility features to steal user data from financial applications, read user SMS messages and steal SMS messages to allow the malware to bypass two-factor authentication. The more than 200 financial apps targeted include: Paypal Business, Barclays, UniCredit, CapitalOne, HSBC, Santander, TransferWise, Coinbase and many more.

“Cybereason believes EventBot could be the next influential mobile malware because of the time the developer has already invested into creating the code and the level of sophistication and capabilities is really high. By accessing and stealing this data, Eventbot has the potential to access key business data, including financial data. Mobile malware is no laughing matter and it is a significant risk for organizations and consumers alike,” said Assaf Dahan, Senior Director, Head of Threat Research, Cybereason.

Organizations can protect themselves from the growing mobile threat by improving their security hygiene, launching a security awareness training program and these additional measures, including:

• Keep your mobile device up-to-date with the latest software updates from legitimate sources.
• Keep Google Play Protect on.
• Do not download mobile apps from unofficial or unauthorized sources. Most legitimate Android apps are available on the Google Play Store.
• Always apply critical thinking and consider whether you should give a certain app the permissions it requests.
• When in doubt, check the APK signature and hash in sources like VirusTotal before installing it on your device.
• Use mobile threat detection solutions for enhanced security.

About Cybereason
Cybereason, creators of the leading Cyber Defense Platform, gives the advantage back to the defender through a completely new approach to cybersecurity. Cybereason offers endpoint prevention, detection and response and active monitoring. The solution delivers multi-layered endpoint prevention by leveraging signature and signatureless techniques to prevent known and unknown threats in conjunction with behavioral and deception techniques to prevent ransomware and fileless attacks. Cybereason is a privately held, international company, headquartered in Boston, MA with customers in more than 30 countries.

MediaContact:                                                                                                                                                          Bill Keeler
Senior Director, Global Public Relations
Cybereason
bill.keeler@cybereason.com
(929) 259-3261