Banking on Android? It Could Be More Treacherous Thanks to New Malware

Beat it with a little alertness

By
Mayank Sharma
headshot of mayank sharma
Mayank Sharma
Freelance Tech News Reporter
    Writer, Reviewer, Reporter with decades of experience of breaking down complex tech, and getting behind the news to help readers get to grips with the latest buzzwords.
    lifewire's editorial guidelines
    Published on August 17, 2022 10:54AM EDT
    Fact checked by
    Jerri Ledford
    Jerri Ledford
    Fact checked by Jerri Ledford
    • Western Kentucky University
    • Gulf Coast Community College
    Jerri L. Ledford has been writing, editing, and fact-checking tech stories since 1994. Her work has appeared in Computerworld, PC Magazine, Information Today, and many others.
    lifewire's fact checking process
    Internet & Security
    • Security researchers are tracking the evolution of a mobile banking malware that can now even encrypt mobile devices.
    • Security experts believe smartphones attract more attention from hackers since they’ve become an essential component of our digital lives.
    • They advise people to be more vigilant when using apps, especially ones that handle money such as banking apps.
    Person managing online banking with mobile app on smartphone while drinking a cup of coffee at sidewalk cafe

    d3sign / Getty Images

    As if banking on a smartphone wasn't dangerous enough, security researchers have shared details of an Android banking malware that has taken on some nasty new "features."

    Threat analysts at mobile security firm Cleafy have been tracking the development of the Sova malware and report it has evolved rapidly in the last few months. It can now mimic over 200 banking and payment applications and even encrypt mobile devices with ransomware.

    "The ransomware feature is quite interesting as it's still not a common one in the Android banking trojans landscape," wrote Cleafy. "It strongly leverages on the opportunity [that arose] in recent years, as mobile devices became, for most people, the central storage for personal and business data."

    Earmarking Mobiles

    According to Cleafy, Sova was announced in hacker forums in September 2021, together with a roadmap for future development, which immediately caught the researcher's attention. Unfortunately for us, Sova's authors have apparently kept their promise, and the malware, now on version 5, has evolved to become a very potent threat. 

    "As smartphones continue to grow and evolve, applications to make our day-to-day lives easier are evolving with them," Chuck Everette, Director of Cybersecurity Advocacy at Deep Instinct, told Lifewire over email. "This introduces new attack avenues and a larger threat landscape for malicious threat actors to take advantage of." 

    The core advice here is to only install very well known and reputable applications.

    To help avoid falling victim to Sova, or any mobile malware, Lorri Janssen-Anessi, Director of External Cybersecurity Assessments at BlueVoyant, suggests users who bank with smartphones be vigilant. 

    "The days of just clicking 'ok' or 'I agree' should be in the past, especially when it comes to using banking apps," Janssen-Anessi told Lifewire over email. "Be as dedicated to your decision to download and use a banking application as you would selecting an actual bank. She suggests people should ensure that their banks are as reliable in all of their online services as they are in their in-person services."

    As several Android malware, Sova included, are delivered via fake apps, Chris Hauk, consumer privacy champion at Pixel Privacy, suggests people always check their bank's website for a direct link to their official app.

    "Take the time to ensure that an app is actually made by a genuine developer," Hauk told Lifewire over email. "Just because an app has the Chrome logo, or a logo from your bank or other company, doesn't mean that the app is genuine."

    Good Security Hygiene 

    While advising never to download an app from a link provided by an unverified party, Hauk suggested people also stay clear of links or attachments in unsolicited emails or messages.

    "The core advice here is to only install very well-known and reputable applications," agreed Everette, adding, "do not blindly accept prompts, and avoid clicking on advertisements or security alerts that pop up on your device." 

    According to Janssen-Anessi, the best way to avoid installing a malicious app is good ol' research. "The great thing about internet users is that they are happy to share their negative experiences, so see what other users are experiencing before you click install." 

    And if your bank doesn't offer an app, Janssen-Anessi suggests it's best not to bank using the mobile browser, as they come with their own share of security issues.

    Close up of shocked woman looking at mobile phone screen

    fizkes / Getty Images

    In addition to making sure you use your bank's genuine app, Melissa Bischoping, Endpoint Security Research Specialist at Tanium, says people should also get in the habit of maintaining good security hygiene, especially when using a smartphone.

    "Ensure you're using two-factor authentication, preferably through something other than your cell phone/another mobile app if your bank offers it," Bischoping told Lifewire over email. She also recommends using a good password manager with adequate security settings, such as the ability to auto-lock the password manager after each use.

    Agreeing with his peers, Stephen Gates, Security Evangelist at Checkmarx, says one can never be too careful when using apps that handle real money.

    "While I have never put too much trust into mobile banking apps, some say I'm overly cautious," Gates told Lifewire over email. "But when you observe the capabilities of Sova, I think my concerns are easily justified."

    Was this page helpful?