Keeping your mobile device and its apps up to date is one of the most important things you can do to stay safe from the latest cyber threats. But hackers are aware of this, so as in the case of the new Android banking trojan that is currently doing the rounds online, Deba with the malware
According to a blog post from cybersecurity company Cyble, its researchers recently discovered a new Android banking trojan called Antidot, which is not to be confused with the Brokewell malware that the team discovered last month.
Once installed on one of the best Android phones, Antidot malware can collect contacts and text messages, harvest credentials, and devices
Here's everything you need to know about the Antidot banking trojan, along with some steps you can take to keep your own Android phone and your data safe from this and other malware strains.
Google Play is one of the most important apps on your Android phone: it lets you download new apps as well as update existing ones. It is the kind of app you definitely want to keep up to date, which is why the hackers behind this campaign disguise their malware as a Google Play update.
Like other malware campaigns, this one uses phishing messages to trick users into installing it. Unsuspecting users receive an email (or perhaps a text message) that appears to come from Google and tells them they need to update Google Play. The message also contains a malicious link that leads to the malware itself, which needs to be sideloaded as an APK file.
Of particular interest in this campaign is that the fake Google Play update page it uses is made in several different languages, including English, German, French, Spanish, Russian, Portuguese and Romanian. This allows the hackers behind the Antidot banking trojan to target a wide range of Android users from multiple countries at the same time without having to tweak the campaign for each country.
Once installed, the malware displays another fake update page that tricks victims into opening Android's accessibility settings. It is used to let you know if you have any problems. Getting access to the accessibility services is what allows Antidot to gain full control over vulnerable Android smartphones, as they can be exploited to see what is on the victim's screen as well as to interact with their apps and other data.
Antidot and other banking trojans carry out their malicious actions through a hacker-controlled command and control (C&C) server. The server allows hackers to communicate directly with infected devices and tell the malware what to do.
From here, Antidot can execute a total of 35 different commands, from unlocking infected devices to making calls, collecting and sending text messages, sending push notifications, and locking devices. This banking trojan can also copy text from the clipboard of an infected phone.
However, to steal passwords and other credentials, Antidot uses overlay attacks in a similar way to other popular banking trojans like Ermac, Chameleon, and Brokewell. For those who are not familiar with overlay attacks, here's how they work. When you open a banking app on your phone, the malware loads an HTML phishing page designed to look like that particular app. When this page is on screen and you enter your credentials to log in, the hackers can then drain your bank account, commit fraud or use your
malware with enough information. Keylogging is used to capture everything, including passwords, that the victim enters on an infected Android smartphone if a banking or other financial app does not have an overlay.
Android malware like Antidot can be extremely dangerous because a lot of personal and financial information is stored on your phone. However, by taking appropriate precautions, you can avoid being harmed.
For starters, you want to install new apps only from the Google Play Store or other official app stores such as the Amazon Appstore or the Samsung Galaxy Store. Sideloading apps may be convenient and fast, but it's best to avoid it altogether, as it puts you and your device at risk.
At the same time, you should not click on any link in an email or text message sent to your smartphone by an unknown sender. Hackers often send messages that try to instill a sense of urgency, with a link to click at the bottom. If you read the message and get worked up about what it says, as if you need to update Google Play immediately in this case, re Also note that hackers can trick you by tricking your friends and family, as we saw in the recent "Look who died" scam.
To stay safe from Android malware, you need to make sure that Google Play Protect is enabled on your smartphone. This free antivirus app from Google scans all of your existing apps and any new apps you download for malware. However, you should also consider downloading one of the best Android antivirus apps, which add useful features such as a VPN and a password manager for extra protection.
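The infection chain described above combines a sideloaded APK with an enabled accessibility service, so one practical check is to list the enabled accessibility services and flag those that belong to user-installed apps no official store installed. This is an added example, not code from the article or from Cyble; the com.example.* package names and the sample output are constructed, and the live mode assumes adb with USB debugging enabled.

```python
import subprocess
import sys

# Installer package names of the three official stores the article names.
TRUSTED_INSTALLERS = {
    "com.android.vending",              # Google Play Store
    "com.amazon.venezia",               # Amazon Appstore
    "com.sec.android.app.samsungapps",  # Samsung Galaxy Store
}

def parse_services(raw):
    """Package names from `settings get secure enabled_accessibility_services`."""
    raw = raw.strip()
    if not raw or raw == "null":        # no accessibility service is enabled
        return []
    return [entry.split("/", 1)[0] for entry in raw.split(":") if entry]

def parse_installers(raw):
    """Map package -> installer from `pm list packages -3 -i` (user-installed apps only)."""
    installers = {}
    for line in raw.splitlines():
        line = line.strip()
        if line.startswith("package:"):
            name, _, installer = line[len("package:"):].partition("installer=")
            installers[name.strip()] = installer.strip() or "null"
    return installers

def flag_sideloaded_services(services_raw, packages_raw):
    """Accessibility services owned by user-installed apps that no official store installed."""
    installers = parse_installers(packages_raw)
    return [(pkg, installers[pkg]) for pkg in parse_services(services_raw)
            if pkg in installers and installers[pkg] not in TRUSTED_INSTALLERS]

def adb_shell(*args):
    return subprocess.run(["adb", "shell", *args], capture_output=True,
                          text=True, check=True).stdout

# Constructed sample output; the com.example.* packages are hypothetical.
SAMPLE_SERVICES = ("com.google.android.marvin.talkback/.TalkBackService:"
                   "com.example.update/com.example.update.Svc")
SAMPLE_PACKAGES = ("package:com.example.update  installer=null\n"
                   "package:com.example.bank  installer=com.android.vending\n")

if __name__ == "__main__":
    if "--live" in sys.argv:            # query a phone with USB debugging enabled
        services = adb_shell("settings", "get", "secure", "enabled_accessibility_services")
        packages = adb_shell("pm", "list", "packages", "-3", "-i")
    else:
        services, packages = SAMPLE_SERVICES, SAMPLE_PACKAGES
    for pkg, installer in flag_sideloaded_services(services, packages):
        print(f"review: {pkg} has an accessibility service, installer={installer}")
```

Preinstalled system services such as TalkBack are skipped because `-3` lists only user-installed packages; anything flagged deserves a manual look in the accessibility settings.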
Given how much data and money they can bring in for hackers, banking trojans aren't going anywhere anytime soon. That's why it's up to you to carefully examine the messages you receive and practice good cyber hygiene.