Home GoAndroid Svpeng Banking Trojan Impacting Android Devices

Svpeng Banking Trojan Impacting Android Devices

Aug 1, 2017

We have told you numerous times about malware on Android and there is a new malware out now called Svpeng. The new malware, Svpeng, is actually a banking Trojan. This banking Trojan actually is very disruptive and is impacting a ton of Android devices. Read on to learn about Svpeng and what this banking Trojan can do to your Android device.

Svpeng Banking Trojan Hits Android Devices

When it comes to Svpeng, this is one of the most dangerous Android banking Trojans out there. That is because with Svpeng, there has now been a key logging feature added to the banking Trojan. That makes this more dangerous according to Kaspersky Lab, which has been studying the Svpeng Trojan.

As far as what the key logging feature means, it basically can give the hackers much easier access to your information. We have heard a lot about key logging on computers, but a lot of people do not know that the same type of hacking and stealing of information can happen on your Android device.

Svpeng itself was already a harmful banking Trojan, but the new version that has the key logging feature added into it makes this even more harmful for Android users. The key log feature was easily added into the banking Trojan because it was able to get into the Accessibility Services on Android. This service is built into Android and it allows people other ways to interact with their Android devices.

The new key logging feature has also made Svpeng even more dangerous because whatever app you have on your device, the hackers can access the text you have entered. All keystrokes are now able to be seen once this logging feature is on your device. That means if you use apps like financial banking apps or apps like Amazon, your financial information and login information can easily be stolen.

More Svpeng Banking Trojan Details

When it comes to Svpeng, this Trojan can also prevent the malware from being uninstalled on your Android device. It will take over permissions as well, granting the malware even more access to your device and sensitive information. Svpeng is already spreading with the new key logger version in many countries such as Russia, France, Germany, and even Poland. An interesting part about this is that if you live in Russia, you are not actually being attacked. This means that Russians might be behind the Svpeng Trojan since it will not perform malicious acts if the Android device is Russian.

One of the ways that Svpeng with the key logging feature is being spread around is through fake Flash Player websites. Infected websites will often use the fake Flash Player warning as a way to begin the attacks. After the device is infected, the malware exploits the Accessibility Services, and from there the administrator rights are granted.

After that, the malware can hack into legit apps, view various contact details, make calls and send text messages, and more. It will even block you from removing the administrator rights, which is how it keeps you from uninstalling the infected Trojan. It will take a screenshot every time you press a key on your Android device, and then steal the text that is entered into the apps or on the screen.

This is very bad news and it is able to circumvent protections when it comes to banking apps. Banking apps do not allow for you to take screenshots while in the app. This is where Svpeng gets smart since it will create a fake or phishing window that overlays on the top of the actual banking app. You will think you are logging into the real thing, when in reality it is the fake version that will then be able to take the screenshot.

Bottom line is that you need to protect your Android device, including only going to trusted sites online. You also want to stay away from third-party app stores and also verify the app and developer before you download any app, even from Google Play Store.