SOVA Android Trojan Virus targeting Indian banking users

Share This Post

What is SOVA Android Trojan Virus?

SOVA is a new mobile banking ‘Trojan’ virus which can secretly encrypt an Android phone for ransom and is very difficult to remove from an Android device.

SOVA Android trojan targeting Indian banking users has recently been warned by Indian government cybersecurity agency Cert-In. Through keylogging, the banking trojan steals user passwords and usernames, steals cookies, and adds false overlays to apps to deceive users. 

In July 2022, SOVA added several other countries, such as India, to its list of targets. SOVA initially targeted the US, Russia, and Spain. In its latest version, this malware disguises itself as fake Android apps that mimic popular apps like Google, Amazon, and others to trick users into installing them.

Using this malware,the attackers are able to hack the users accounts by capturing their banking credentials, including usernames and passwords. Android smartphone users are advised to follow a list of dos and don’ts in order to protect themselves from this dangerous banking malware.

List of dos and don’ts to be safe while using Android phones

You should only download apps from trusted sources, such as Google Play Store

Make sure you download apps only from the official app stores, such as the Google Play Store on your Android operating system. The risk of downloading potentially harmful apps is reduced by 90% if you don’t check the “Untrusted Sources” checkbox when installing/side loading APK apps.

If you need to download an APK outside of Google Play Store, check the source first before downloading the app. In some cases, apps are being downloaded directly from the company website such as Dream 11.

It is always a good idea to check the ‘Additional Information’ on App Store

There is always a good reason for you to read the app’s details before downloading or installing it on your Android device (even from the Google Play Store), such as the number of downloads, user reviews and comments, and the section entitled ‘Additional Information’.

Flipkart Big Billion Days start on 23rd September. Get the best deals on phones under 15000 price range  

Be sure to check what permissions the app requires before clicking OK

Ensure that the app permissions are relevant to its functionality before granting them.

You should be careful what you click on in emails, SMS, and Google searches

If in doubt, users can use search engines to find the organisation’s website to ensure the websites they visit are legitimate. Click on URLs that clearly indicate the website domain. Attackers are smart enough to create an illusion of a legitimate website but you have to be aware and cautioned. Let’s take a look at attackers behaviour using the domain Flipkart.com

Fake e-commerce sites, which look like Flipkart, may use similar-looking URLs. For example:

Flipkart.dhamaka-offers.com/

Flipkart-bigbillion-sale.com/

http://flipkart.hikhop.com/

Or the website will have something else instead of ‘.com’, such as:

Flipkart.biz

Flipkart.org

Flipkart.info

At times, a fake Flipkart website will only look similar, but the URL will be completely unrelated. For example:

60dukan.xyz

Offernoffer.xyz

big-saving-days.xyz

Example of a fake Flipkart website by attackers

Full list of Government Recommendations & Best Practices: https://www.csk.gov.in/alerts/SOVA.html

spot_img

Related Posts

POCO X5 Overview, Specifications & Price in India

POCO X5 Overview - Poco is a sub-brand of...

The HomePod could have a screen by 2024, according to Apple

HomePod with a screen is expected to be added...

Android 14 is coming: Release Date and Supported Phones

Google is getting ready for Android 14 to release...
- Advertisement -spot_img