publish time

01/08/2024

author name Arab Times

publish time

01/08/2024

New Android threat: BingoMod malware can empty your bank and erase your phone.

KUWAIT CITY, Aug 1: Researchers from Cleafy Labs have identified a new and alarming Android malware, dubbed BingoMod, which has emerged as a significant threat in recent months. First analyzed in May, this previously undiscovered remote administration tool (RAT) is designed to initiate unauthorized money transfers on Android devices and has the capability to wipe all user data once its malicious activities are complete.

BingoMod operates similarly to other recent Android malware families. It typically deceives victims into installing a malicious app masquerading as legitimate antivirus software. Once installed, the malware prompts users to grant it access to Accessibility Services. If granted, the malware unpacks and executes its harmful payload.

Running silently in the background, BingoMod uses keylogging and SMS interception to steal user credentials. Once hackers obtain the necessary data, they can take control of the device and initiate money transfers.

To protect itself from detection and removal, BingoMod complicates system setting modifications, blocks specific apps, and can even uninstall other apps if necessary. However, its most concerning feature is its ability to remotely wipe the device. This function, available when BingoMod is a device administrator, allows the malware to erase external storage and possibly perform a full wipe through system settings using its remote access capabilities.

Despite not being as sophisticated as some notorious Android trojans like SharkBot, Cleafy researchers emphasize that BingoMod still poses significant risks to end-users and financial institutions due to its potential for substantial economic loss and disruption of personal data security.