Users of online retail banking, money transfer services and other financial services applications are warned to be on their guard against a new Android mobile banking trojan, dubbed EventBot, which is targeting users of more than 200 services across Europe and the US, including Barclays, CapitalOne, HSBC and Santander.
EventBot was first spotted in March this year and has been tracked extensively by researchers on Cybereason’s Nocturnus team. It abuses Android’s accessibility features in order to steal user data from applications, read SMS messages and steal SMS messages – the latter gives it the ability to bypass two-factor authentication.
