Digital Banking Alert: What is SOVA Virus? Can empty your bank account anytime

Sova is an Android-based Trojan malware targeting people using fake banking apps to steal personal data.

Hackers use many types of viruses to cheat people. Phishing messages are used to download these viruses to your phone. The customers of banks are being alerted about one such virus. SBI, PNB, and Canara Bank customers are being warned about SOVA malware. SBI tweeted, ‘Don’t let malware steal your valuable access. Always download trusted apps from trusted sources. Let us know what is Sova virus is and what things you should keep in mind to avoid it.

What is Sova Virus?

According to SBI, Sova is an Android-based Trojan malware that is targeting people using fake banking apps to steal personal data. This malware steals the credentials of the users. The malware records users’ information when they access and log in to their accounts through net-banking apps. Once installed, there is no way to remove this application.

How does this malware work?

According to the Punjab National Bank website, the Sova Trojan malware is sent to users’ devices via phishing SMS, just like any other Android Trojan. After installing this fake Android app, it sends the details of other apps installed on your smartphone to the C2 (Command and Control Server) which is controlled by the hackers.

For each targeted application, C2 sends the malware a list of addresses and stores this information in an SML file. These applications are then managed through malware and C2. If understood in simple language, first of all, this malware gets installed on your phone through phishing SMS. After installation, this Trojan sends the details of the apps present on your phone to the hackers.

Now the hacker sends malware with the help of C2 to the list of targeted addresses for the apps present on the phone. Whenever you use those apps, malware stores your data in an XML file that hackers can access.

Can this app be stolen?

This malware can steal many types of data from your phone. In addition to credentials, cookies can copy up to multi-factor authentication tokens. Even if hackers want, with the help of this malware, they can take screenshots on their phones. Can record video, and make gestures like clicking on the screen. Many such things can be done with the help of this Trojan.

What should you do?

If this malware is installed on your smartphone, then it is difficult to remove it. There is only one way to avoid this, and that is caution. So do not click on any unknown link. Always use a trusted app store to download apps.

Before downloading any app, please check its reviews. Be careful while giving permissions to apps and pay attention to what things you are giving permissions to the apps. Keep downloading Android updates and you can also use anti-virus if you want.

Author: MahesH

Leave a Reply

Your email address will not be published. Required fields are marked *