“Android.BankBot.211.origin” Threatens to Steal Your Financial Data

“Android.BankBot.211.origin” Threatens to Steal Your Financial Data

Recently, an Android malware, Xavier virus, has affected more than 800 Android applications in Google Play Store. And now, a new Android virus has been discovered. This new virus is known as Android.BankBot.211.origin that aims to steal its victims’ financial and banking information that causes financial loss to its victims. However, aside from that, it also has the ability to track messages, installed applications and other users’ activities. This malware takes screenshots so it has no trouble gathering your personal information like passwords and other login details.

This threat is no joke due to the fact that it’s a strong and very much aggressive Android malware that may be hard to be removed. But worry not, it is still possible to remove the malware and protect your sensitive information from the crooks behind this threat.

The BankBot malware was first discovered way back in April 2008. And now it’s back with a vengeance, courtesy of the cyber criminals who have updated the virus. Several variants of the virus have emerged earlier this year and have affected more than 400 Google Play Store apps. The first victims who had experienced the wrath of this virus were located in Turkey. And it seems that the crooks weren’t contented on the damage it has left in Turkey since it expanded its target area and continues to spread around the US, UK, France, Poland, Germany, and Ukraine. Thankfully, the BankBot hasn’t gotten that far as to entering Google Play Store and the only ones who were affected are the users who downloaded apps from third party sources. Yes, you heard that right, you can be infected with this threat when you carelessly download applications from third party sources that most users are fond of doing online.

According to researchers, this malware was caught spreading through an obfuscated Adobe Flash Player. But, it was also determined that there are other well-known programs who distribute suspicious and unknown third party installers which had cause the malware, Android.BankBot.211.origin. So if you want to install Adobe and other popular applications on your Android device, you have to make sure that you download it from its official website and not in any third-party installers.

Once it hijacks your device, the BankBot gains administrative access to your device and starts tasks to get banking, financial and other confidential information about you. For example, it might display fake login screens where you are prompted to input your login or credit card information; during that encounter, the malware communicates with its Command and Control server and completes several tasks.

As mentioned, the virus mainly aims to steal your financial information, however, it can also steal your contact list, information about installed apps and even takes screenshots on your device activities like when you enter your login names or passwords.

The Android.BankBot.211.origin bypasses mobile security which means that it blocks any antivirus installed on your device. That’s why its detection can removal would be a really hard task. To remove this malware, you have to:

Step 1: Restart your Android device into Safe Mode.

Step 2: Go to your system settings.

Step 3: Proceed to the list of device administrators. Look for the malware and delete it. And once you do, the malware may display an alert or pop-up saying that removing it may cause data loss which is false so you shouldn’t believe it and continue on the elimination process.

Step 4: Restart your Android device.

Step 5: Perform a full system scan on your device using an up-to-date antivirus program in order to remove all virus-related entries and files from your system completely.

You know what they say, prevention is better than cure. So it’s better if you stir clear of unreliable sites when you download applications and opt for its official website as your download source instead.