Google Warns of Hack That Takes Control of Android Phones and Bank Accounts
Table of Contents
- By Steven
- Apr 12, 2022
Google’s digital security team is warning Android phone users of a new hack that can obtain control of phones in mere seconds. The attack is designed to gain access to a target’s bank account in under a minute.
Who Should Be Worried About the New Hack?
Google representatives state Android phone users who are using old apps that have not been updated in years should reconsider their use. However, billions of individuals across the globe have such outdated apps, meaning the new hack will likely have plenty of targets to zero in on even if most Android phone owners review their library of apps.
How Does the Attack Work?
The hackers behind the Android attack initiate the scam when Android users believe their phone is in the off position. The digital criminals have even gone as far as incorporating a black screen to conceal the attack. The targeted phone’s brightness is remotely controlled so that it moves down to a zero setting. The phone’s notifications are remotely disabled to make the victim think nothing is happening.
It is at this point that the attack occurs. In fact, the attackers can do just about anything with the compromised phone without the owner having any awareness of the activity.
The malware installed during the latest Android attack sets the stage for hackers to copy, alter, and even write messages and other data as if they are controlling the phone with their own fingers. The hack also monitors the user’s actions, meaning the digital criminals can retrieve users’ passwords and PINs.
Is This a Completely New Attack?
Digital security professionals insist the attack in question has occurred in another form in the past. The name for the malware installed during the attack is “Octo,” yet there will likely be a new moniker that arises in the weeks ahead pertaining to the version that specifically targets Android phones. Octo is a spinoff of the trojan virus known as ExobotCompact that debuted four years ago.
According to Threat Fabric, Octo is bought and sold on the dark web. Octo is a type of fraud that occurs on-device in which a phony internet browser or Google Play Store app updates web-based notices in an attempt to trick people into downloading the malware. Android phone owners should also be aware of the Fast Cleaner app, which has more than 50,000 installations and contains Octo.
How Has the Google Play Store Responded to the Attack?
The Google Play Store’s digital security specialists know that Octo runs on droppers available through its online storefront. These digital security professionals removed it from the store two months ago. Google representatives indicate it is in the interest of Android users to review their apps, highlighting those that have not been used in years and those that have not been updated in recent years.
Though Google is not recommending that these apps be deleted, the company is encouraging Android phone users with such apps to think twice before using them. If you are worried about your computing device being targeted for such an account takeover, it will also help to install the industry’s top digital safeguards.