CERT-In Says Mobile Banking Android Malware 'EventBot' Horsing Around in Cyberspace

A Trojan is a virus or malware that cheats a victim to stealthily attack its computer or phone-operating system.

Advertisement
By Press Trust of India | Updated: 15 May 2020 00:50 IST
Highlights
  • CERT-In is the national technology arm to combat cyber attacks
  • The cyber security agency has suggested certain counter-measures
  • It also asked users to avoid using unsecured, unknown Wi-Fi networks

The cyber security agency has suggested certain counter-measures to check the virus in Android phones

A mobile banking malware called "EventBot", which steals personal financial information, may affect Android phone users in India, the federal cyber-security agency has said in a latest advisory.

The CERT-In has issued a caution, saying the Trojan virus may "masquerade as a legitimate application such as Microsoft Word, Adobe Flash, and others using third-party application downloading sites to infiltrate into victim device".

Advertisement

A Trojan is a virus or malware that cheats a victim to stealthily attack its computer or phone-operating system.

"It has been observed that a new Android mobile malware named EventBot is spreading.

Advertisement

"It is a mobile-banking Trojan and info-stealer that abuses Android''s in-built accessibility features to steal user data from financial applications, read user SMS messages and intercept SMS messages, allowing malware to bypass two-factor authentication," the CERT-In advisory said.

The Computer Emergency Response Team of India (CERT-In) is the national technology arm to combat cyber attacks and guard the Indian cyber space.

Advertisement

"EventBot", it said, targets over 200 different financial applications, including banking applications, money-transfer services, and cryptocurrency wallets, or financial applications based in the US and Europe region at the moment but some of their services may affect Indian users as well.

The virus "largely targets financial applications like Paypal Business, Revolut, Barclays, UniCredit, CapitalOne UK, HSBC UK, TransferWise, Coinbase, paysafecard etc.," the CERT-In said.

Advertisement

The agency said while "EventBot" has not been "seen" on Google Play Store till now, it can "masquerade" as a genuine mobile phone application.

"Once installed on victim''s Android device, it asks permissions such as controlling system alerts, reading external storage content, installing additional packages, accessing Internet, whitelisting it to ignore battery optimisation, prevent processor from sleeping or dimming the screen, auto-initiate upon reboot, receive and read SMS messages, and continue running and accessing data in the background," the advisory explained.

The virus further prompts the users to give access to their device accessibility services.
"Also, it can retrieve notifications about other installed applications and read contents of other applications.

"Over the time, it can also read Lock Screen and in-app PIN that can give attacker more privileged access over victim device," the advisory said.

The cyber-security agency has suggested certain counter-measures to check the virus infection into Android phones:

"Do not download and install applications from untrusted sources like unknown websites and links on unscrupulous messages; install updated anti-virus solution; prior to downloading or installing apps (even from Google Play Store), always review the app details, number of downloads, user reviews, comments, and the ''additional information'' section.

Exercise caution while visiting trusted/un-trusted sites for clicking links; install Android updates and patches as and when available; users are advised to use device encryption or encrypting external SD card feature available with most of the Android operating system."

It also asked users to avoid using unsecured, unknown Wi-Fi networks and for prior confirming of a banking/financial app from the source organisation.

"Make sure you have a strong artificial intelligence (AI) powered mobile antivirus installed to detect and block this kind of tricky malware if it ever makes its way onto your system," the advisory states.


Which is the bestselling Vivo smartphone in India? Why has Vivo not been making premium phones? We interviewed Vivo's director of brand strategy Nipun Marya to find out, and to talk about the company's strategy in India going forward. We discussed this on Orbital, our weekly technology podcast, which you can subscribe to via Apple Podcasts or RSS, download the episode, or just hit the play button below.

 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Advertisement

Related Stories

Popular Mobile Brands
  1. Tecno's Camon 50 Ultra 5G Will Arrive in India on This Date via Amazon
  2. Sony IER-M500 In-Ear Monitors Launched With 5mm Driver, Hi-Res Audio
  3. iPhone 18 Pro Max May Cost Apple Much More to Build Than Its Predecessor
  4. HMD Arc 2 Introduced With Upgraded Chip and 5,000mAh Battery: See Price
  5. Motorola Edge 70 Max to Launch in India On This Day
  6. Apple Reviews iPhone 17 Demand as Costs Rise Due to Memory Shortage: Report
  7. OTT Releases This Week: Peddi, Ikka, Balti, Dose, The Westies, and More
  1. Tecno Camon 50 Ultra 5G India Launch Date Announced; Colourways and Amazon Availability Confirmed
  2. Apple Reportedly Reviews iPhone 17 Demand as Costs Rise Amid Ongoing Memory Shortage
  3. Interpol Traces $122 Million Crypto Wallet Connected to Romance Scam Network
  4. Hong Kong's Securities and Futures Commission Tightens Anti-Phishing Standards for Crypto Platforms
  5. Itel Zeno 100 Pro India Launch Date Announced as Company Teases Zeno 100 Lite Arrival, Key Features
  6. Sony RX10 V Compact Camera Launched With 20.1-Megapixel Sensor, 4K 120fps Video Recording and 25x Optical Zoom
  7. Motorola Edge 70 Max India Launch Date Announced; Design, Key Features Revealed
  8. Asus Vivobook 14, Vivobook 15 Refreshed With Intel Core Series 3 Processors: Price, Availability
  9. Call of Duty: Black Ops and Black Ops 2 Ports Released on PS4 and PS5
  10. Samsung Galaxy Z Fold 8, Z Fold 8 Ultra Prices Surface Ahead of Unpacked Launch Event
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.