New BingoMod malware steals money, then wipes data

August 13, 2024

A newly emerged spyware called BingoMod has recently been used in a dangerous campaign against Android users.

Researchers said they encountered this previously unknown remote access trojan (RAT) in May. The malware's primary objective is to conduct money transfers on Android smartphones. However, it also wipes its victims' data, which makes it especially dangerous.

BingoMod behaves like any other Android malware strain, except for its data-wiping capabilities, which could significantly impact a victim.

According to reports, BingoMod functions similarly to other Android malware families that researchers have discussed recently. First, the malware tricks the victim into installing a malicious application posing as legitimate antivirus (AV) software.

Subsequently, BingoMod prompts the user to grant the app access to Accessibility Services. Once the user follows the instructions, the APK unpacks itself and executes its malicious payload.

Next, the malware starts operating in the background and tries to steal user credentials via keylogging and SMS interception. Once its operators have the necessary information, they can take over the device and carry out money transfers.

To establish persistence on the infected device, the malware alters system settings, restricts the activity of select apps, and sometimes uninstalls other apps when needed. However, new research revealed that BingoMod has another method of evading detection.

The latest research stated that BingoMod's most prominent feature is the ability to wipe the device remotely using a specific command. BingoMod can carry out the wipe as a device administrator, and it is typically executed following a successful fraud.

However, because this functionality is limited to the device's external storage, the researchers suspect that the attackers perform the whole wipe directly from the device's system settings, exploiting BingoMod's remote access capabilities.

While researchers note that BingoMod is not as sophisticated as other well-known Android malware, such as the SharkBot banking malware, they still warn that it poses significant dangers to end users and financial institutions because it can cause significant economic loss and disrupt the security of personal data.
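The capability set described above (SMS access, an Accessibility Service and a device administrator component in one app) can be checked during APK triage. The following is an added example, not code from the researchers or from the malware; it assumes the manifest has already been decoded to text XML (for instance with apktool), and the package name, component names and the `triage_manifest` helper are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
SMS_PERMS = {"android.permission.RECEIVE_SMS", "android.permission.READ_SMS"}
ACCESSIBILITY = "android.permission.BIND_ACCESSIBILITY_SERVICE"
DEVICE_ADMIN = "android.permission.BIND_DEVICE_ADMIN"

# Constructed sample manifest (not taken from a real BingoMod sample).
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.fakeav">
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <application>
    <service android:name=".HelperService"
             android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE"/>
    <receiver android:name=".AdminReceiver"
              android:permission="android.permission.BIND_DEVICE_ADMIN"/>
  </application>
</manifest>"""


def _attr(element, key):
    """Read an android:-namespaced attribute, or '' if it is absent."""
    return element.get(ANDROID_NS + key, "")


def triage_manifest(manifest_xml):
    """Report which of the three capabilities a decoded manifest declares."""
    root = ET.fromstring(manifest_xml)
    flags = []
    requested = {_attr(p, "name") for p in root.iter("uses-permission")}
    if requested & SMS_PERMS:
        flags.append("sms_access")
    # Accessibility services must be guarded by BIND_ACCESSIBILITY_SERVICE.
    if any(_attr(s, "permission") == ACCESSIBILITY for s in root.iter("service")):
        flags.append("accessibility_service")
    # Device admin receivers must be guarded by BIND_DEVICE_ADMIN.
    if any(_attr(r, "permission") == DEVICE_ADMIN for r in root.iter("receiver")):
        flags.append("device_admin")
    # Each capability has legitimate uses; all three together warrant manual review.
    return {"package": root.get("package", ""), "flags": flags,
            "review": len(flags) == 3}


if __name__ == "__main__":
    print(triage_manifest(SAMPLE_MANIFEST))
```

A hit is a prompt for manual analysis, not a verdict, since legitimate security and device-management apps can declare the same components.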
