WannaHydra – The Latest Malware Threat For Android Devices
The Antivirus Company Avast issued an alert on Monday about the spread of a virus that attempts to infect Brazilians smartphones and steal consumers’ banking data.
The malware is called WannaHydra, which has the capabilities to hijack information, collect call logs, access contacts and take photos from the infected device.
According to Avast, the virus is aimed at customers of banks Santander, Itaú and Banco do Brasil.
Avast says it believes that the malware is spreading through fake sites and third-party app stores, referring to different stores of the App Store and Google Play, in the case of phones with IOS and Android operating systems.
Avast explains that when it is installed on the user’s smartphone, WannaHydra notifies them with a supposed warning that there is a problem with his bank account and asks him to enter his username and password to resolve it.
To deceive the user, the malicious software displays a page that mimics the official communication of the banks, which increases the chances of the customer’s getting tricked and they enter the data there.
In addition, it informs Avast that WannaHydra can display a copy of the WannaLocker virus in Portuguese. This is ransomware (which seizes user data in exchange for money) is the same that surfaced in June 2017 around the same time as WannaCry.
Nikolaos Chrysaidos, the mobile threat researcher at Avast, said in a press release that this was the first time the company identified a virus that is at the same time a banking Trojan (which uses a spyware page disguise). (Which collects information from the infected cell) and ransomware (which hijacks the data).
To prevent these threats, the expert recommends using an antivirus application and avoid downloading applications from unofficial sites and stores.
To protect against data hijacking, Chrysaidos suggests periodic backups of your data. He recommends six simple steps so that users do not fall in for WannaHydra
1. Always be wary: Banks apps never ask customers for login data because of alleged accounting irregularities. In general, such contacts are made by telephone, by the account manager and are requested to appear at the agency. So, if a message like this appears on your device, ignore;
2. Use antivirus and firewalls: It is highly recommended to use trusted apps to block malware, viruses and other pests, especially Android users because they are more vulnerable;
3. Do not click on suspicious links: Avoid clicking on any type of link sent to you by emails supposedly from your bank, or from other sources or sites.
4. Enable Google Play Protect: If you’re an Android user, open the Google Play Store app, tap Menu (the three parallel lines), Play Protect, and check Android’s native defense status;
5. Avoid installing apps manually or through third-party stores: Third-party stores are more common on Android than on the iPhone, which requires jailbreak to release access, but in any case, any app distributed externally or by other stores other than the App Store or the Google Play Store are unreliable and should be avoided;
6. Back up your data regularly: Keeping your phone data safe from other sources minimizes your chances of suffering from a ransomware attack, as it avoids the need to pay for redemptions to recover them. All you have to do is perform a factory reset, reconfigure the device and transfer your data back.