Android Malware: “Invisible Man”

Android Malware: “Invisible Man”

What is the Invisible Man virus? And how does it work?

The Invisible Man Android malware is a new Android banking malware that functions as a key-logger. Even though it is still a new virus, unfortunately, this virus has already given 23 countries a pain in the head. Most of the attacks center on Russia, Germany, Turkey, France and Poland. The other countries are the United Kingdom, Australia and Singapore.

This new Android malware is a variant of the Svpeng malware whose developers were already arrested by Russian authorities, way back in 2015. Once this malware gets into the system, it checks the device’s language settings.

The Invisible Man spreads as a fake Adobe Flash Player program which thankfully does hasn’t reached Google Play Store. This fake program only spreads on suspicious sites who often offer unauthorized and malicious installers. Thus, it is recommended that users should stay away from these kinds of sites and download installers directly from reliable sources only.

As mentioned, this malware works as a key-logger that collects your banking details with invisible overlay. It gathers your banking details when you try to input them. Aside from that, this virus can also communicate with its Command and Control server to execute the following tasks:

  • Read and send text messages on your Android device.
  • Make phone calls to anyone.
  • View and read your contact list.
  • Gather information about the apps installed on your Android device.
  • As well as open phishing websites.

So when you download obfuscated Adobe Flash Player, it will ask you to permit it to gain full permission or authority to the Android accessibility services. The problem is, most users do not read these pop-up windows or dialog boxes and end up granting the permission to run the obfuscated program. That is why it is important that users should read these pop-ups so that they’ll know what they are getting into and eventually find this behavior suspicious and stop the installation of the program.

Thus, this banking malware does not only steal your banking information but can cause other privacy-related issues too such as identity theft and more. With this malware, it really doesn’t matter if you’re using the latest smart phone or Android operating system or even an outdated OS since the malicious program can be installed in all kinds of devices.

What makes matters worse is that this virus prevents infected users from removing administrative permissions on it and even to uninstall it. There is no doubt that this malware has a feature that prevents you from getting rid of it easily. And to add fuel to the fire, it also prevents you from adding or even removing administrative rights to other applications in your device.

However, don’t lose hope just yet since just like other Android malware, this one has its own weaknesses that could be used against it so long as you have an excellent and reputable antivirus program installed on your device or else you may not have other choice but to reset your device. And you know what they always say, prevention is better than cure, so it is best of you follow mobile security tips and avoid using suspicious websites as your download source.