A new malware Vultur can steal banking credentials


A new malware has been reported stealing banking, social media, and cryptocurrency data from Android devices. Widespread damage occurred in areas like Italy, Spain, and Australia. Malicious actors have created a new security threat that harvests personal information from unsuspecting Android users.


We are seeing an Android banking Trojan that has screen recording and keylogging as (the) main strategy to harvest login credentials in an automated and scalable way. The actors chose to steer away from the common HTML overlay strategy we usually see in other Android banking Trojans.”


It uses screen-recording methods to capture activities on a mobile device and send it back to the attackers’ severs. This malware activates whenever users login to their bank account, participate in cryptocurrency trade or use social media platforms like Facebook.


Vultur is a difficult malware to manage. It infected multiple fitness, phone security, and authentication apps found in Google PlayStore. Be extra careful not to download the app called Protection Guard. Through this app, Vultur has stolen data from over 30,000 smartphones, according to Tom’s Guide.


Vultur also exploits on “Accessibility Services” function on Android devices. This feature was intended for users with visual or auditory impairments to recognize content on their smartphone screen. Its function is to let an app read out what was available on the screen. Vultur links to this function to operate is information stealing systems.


To stop the Vultur malware, you should immediately disable its App Permissions. You can do this by opening “Settings,” “Apps,” and select the infected app. Scroll down and open “App Permission” and toggle off all the options that show up.


Afterward, you can try uninstalling the app. Head to “Settings,” “Apps,” and select the infected up. “Force Stop” its activity before clicking on “Uninstall.”


There is an advisory, Be careful on downloading apps or data from suspicious websites. Hackers are getting harder to detect, so it’s better to be aware of any suspicious activities on your smartphone device. Lastly, only download apps or other software from secures sources.