Connect with us

Technology

Protect your Android from the Vultur banking Trojan’s remote attacks

Published

on

Protect your Android from the Vultur banking Trojan’s remote attacks

Join Fox News for access to this content

Plus special access to select articles and other premium content with your account – free of charge.

Please enter a valid email address.

By entering your email and pushing continue, you are agreeing to Fox News’ Terms of Use and Privacy Policy, which includes our Notice of Financial Incentive. To access the content, check your email and follow the instructions provided.

Having trouble? Click here.

One of the most advanced Trojans targeting banking apps has gotten an upgrade. Vultur has been wreaking havoc on Androids since security firm ThreatFabric discovered it in 2021. According to researchers with NCC Group, the malware has reemerged and is even stealthier than before.

You might remember Vultur for the notoriety it gained for its ability to screen record on devices remotely. It hid in apps, some of which were on the Google Play Store, and infected your device.

Advertisement

But now Vultur has new ways to take over Androids and new methods to trick you into downloading malware. Hackers now utilize everything from text messages to phone calls to dupe their victims. Once they get into your device, they can take total control. Hackers can remotely access and use your phone – all in an effort to take your hard-earned money.

CLICK TO GET KURT’S FREE CYBERGUY NEWSLETTER WITH SECURITY ALERTS, QUICK VIDEO TIPS, TECH REVIEWS AND EASY HOW-TO’S TO MAKE YOU SMARTER

Android phone (Kurt “CyberGuy” Knutsson)

Vultur’s new hybrid attack

According to NCC Group, this new attack focuses on contacting victims. It begins with a text message urging the victim to call if they didn’t authorize a transaction on their bank account. However, the transaction isn’t real; it’s simply a ruse.

If the victim calls, they will receive instructions to download a McAfee Security app containing the banking Trojan and a text message with the link.

Advertisement

The security app looks normal but actually contains the Brunhilda dropper, a deceptive component hidden within seemingly legitimate apps. In this case, the dropper contains the Vultur Trojan. It then releases and executes the Trojan in three batches. When the third batch is dropped, hackers can gain total control of your Android device.

Illustration of infection chain (NCC Group) (Kurt “CyberGuy” Knutsson)

MORE: HACKERS USE PIRATED SOFTWARE TO HIJACK MAC, ANDROID, WINDOWS DEVICES

Vultur’s new features

Vultur was already a very serious threat to Android users. But now, that threat has been significantly upgraded thanks to the level of control hackers can gain. Once Vultur has infected your device, hackers can install, delete, upload and download files. It can even stop apps from running in the first place. If that wasn’t enough, Vultur can bypass Android’s Keylock feature, bypassing your lock screen.

Even more frightening is Vultur’s remote control capabilities. The malware has been able to remotely access devices since it was first discovered in 2021. But now, hackers can instruct the malware to swipe, click, scroll, mute and unmute audio, and more, giving them more control.

Advertisement

Hackers don’t need to worry about staying connected to the device, either. They have leveraged Google’s Firebase Cloud Messaging system to be able to send instructions to infected devices.

Samsung phone (Kurt “CyberGuy” Knutsson)

How to protect your Android from Vultur

One of the biggest ways to stay away from Vultur is not to call after a hacker texts you about approving a large bank transaction. You can always call your financial intuition yourself to check. But never call an unknown phone number that’s sent to you by an unknown person. Here are some other tips as well:

Avoid sideloading apps and shortened URLs

Try not to sideload apps. That’s when you install apps outside of a legitimate source. Shortened URLs can mislead users into downloading malware.

Be careful granting permissions

Exercise caution when granting app permissions. Consider whether an app truly needs access to certain device functions or data.

Advertisement

Limit the apps you have on your phone

Sometimes, having a lot of apps on your phone can make it easy to be exposed to malware. These apps can let in malicious code over time, and the more apps you have to keep track of and update, the more likely your Android will be vulnerable. Here’s how to delete unnecessary apps from your Android.

Hacker using Android and laptop (Kurt “CyberGuy” Knutsson)

MORE: WHAT YOU NEED TO KNOW ABOUT VAJRASPY RAT, THE CYBERESPIONAGE TOOL THAT INFILTRATED GOOGLE PLAY

Download apps from reputable sources

Additionally, when you download apps, make sure they are from reliable and legitimate developers. Check reviews and do some research before just hitting “install.”

Keep your Android device updated

Your phone has a way of keeping itself safe with software and security updates. Don’t forget to install them.

Advertisement

Have good antivirus software on all your devices

Installing antivirus protection on all your devices is the best way to protect yourself from malware. Antivirus software will prevent you from clicking on potentially malicious links that may install malware on your devices, allowing hackers to gain access to your personal information. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android & iOS devices.

What should you do if your data is compromised?

If malware has already invaded your device, then you should take immediate action to minimize the damage and secure your device. Here are some steps that you can follow:

Change your passwords

Vultur can give hackers access to everything on your device, including your online accounts and your personal or financial information. To prevent this, you should change your passwords for all your important accounts as soon as possible. However, you should not do this on your infected device because the hacker might see your new passwords. Instead, you should use ANOTHER DEVICE, such as your laptop or desktop, to change your passwords. Make sure you use strong and unique passwords that are difficult to guess or break. You can also use a password manager to generate and store your passwords securely.

Monitor your accounts and transactions

You should regularly check your online accounts and transactions for suspicious or unauthorized activity. If you notice anything unusual, report it to the service provider or authorities immediately. You should also review your credit reports and scores to see signs of identity theft or fraud.

Use identity theft protection

Hackers can access everything on your Android device, including your personal and financial information. They can use this information to create fake accounts in your name, access your existing accounts and pretend to be you online. This can cause serious damage to your identity and credit score.

Advertisement

To avoid this, you should use identity theft protection services. These services can track your personal information, such as your home title, Social Security Number, phone number and email address, and notify you if they detect any suspicious activity. They can also help you freeze your bank and credit card accounts to stop hackers from using them. Read more of my review of the best identity theft protection services here.

Contact your bank and credit card companies

If hackers have obtained your bank or credit card information, they could use it to make purchases or withdrawals without your consent. You should inform your bank and credit card companies of the situation. They can help you freeze or cancel your cards, dispute any fraudulent charges and issue new cards for you.

Alert your contacts

If hackers have accessed your email or social media accounts, they could use them to send spam or phishing messages to your contacts. They could also impersonate you and ask for money or personal information. You should alert your contacts and warn them not to open or respond to any messages from you that seem suspicious or unusual.

Restore your device to factory settings

If you want to ensure that your device is free of malware or spyware, you can restore it to factory settings. This will erase all your data and settings and reinstall the original Android version. Before doing this, you should back up your important data and only restore it from a trusted source.

Kurt’s key takeaways

Vultur is an incredibly sophisticated banking Trojan with some terrifying features. The fact that hackers can gain full control of your Android is scary, making it all the more important that you protect yourself.

Advertisement

These attacks begin with a simple text message. It’s up to you to make the effort to separately call your financial institution and see if anything’s amiss. Just taking an extra 10 minutes can save you from having your entire device compromised and your personal information exposed.

How worried are you about Vultur attacks? How do you protect yourself from attacks targeting your finances? Let us know by writing us at Cyberguy.com/Contact.

For more of my tech tips & security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.

Ask Kurt a question or let us know what stories you’d like us to cover.

Answers to the most asked CyberGuy questions:

Advertisement

Copyright 2024 CyberGuy.com. All rights reserved.

Technology

Meta’s glasses will turn off the camera if you tamper with the privacy light

Published

on

Meta’s glasses will turn off the camera if you tamper with the privacy light

Amid public backlash over its smart glasses, Meta announced that it will be updating its glasses with a new feature that will disable the camera when it detects that someone has tampered with or destroyed the glasses’ privacy LED light. The update is meant to address modders who have taken actions such as physically drilling into the LED light.

Meta has previously tried to discourage tampering with the LED light. For example, starting with its second generation glasses, blocking the light with tape or other objects will trigger a prompt asking users to uncover the recording light. However, many modders have found various workarounds for that particular measure.

Meta’s VP of wearables Alex Himel told The Verge that the privacy-focused update was on the way a few weeks ago after launching cheaper Meta Glasses without Ray-Ban branding. At the time, Himel acknowledged that the company was aware of increasing misuse alongside wider adoption of the devices.

Continue Reading

Technology

Discord accidentally banned over 8,000 people for posting grids and other ‘benign’ images

Published

on

Discord accidentally banned over 8,000 people for posting grids and other ‘benign’ images

Stanislav Vishnevskiy, Discord co-founder and chief technology officer, writes that the bug impacted around 200 users who posted “grid-like” pictures, in addition to about 8,000 people who posted “other benign images” since May 2026. “Everyone affected has now been unbanned,” Vishnevskiy says.

In a thread on X, Discord writes that its safety system is designed to flag content by “matching it against known harmful material.” This system can produce “false positives,” Discord explains, which is when an employee would step in to review the flagged content. But instead of just temporarily preventing the account from uploading content during the review, a glitch led its system to ban users entirely.

“When our staff reviewed and cleared those accounts, the same bug prevented the ban from being lifted automatically, so it just stayed in place,” Discord says.

Continue Reading

Technology

Hoto’s PixelDrive screwdriver is down to $60, matching its best price

Published

on

Hoto’s PixelDrive screwdriver is down to , matching its best price

If your Prime Day purchases included a new desk, TV stand, bookshelf, or other furniture you still haven’t assembled, Hoto’s PixelDrive cordless screwdriver can help speed up the process. It’s currently on sale for $59.99 ($20 off) at Amazon, matching its best price to date.

From tightening loose screws on furniture to repairing electronics, the PixelDrive is designed to handle a wide range of household projects. Hoto includes 30 screwdriver bits that cover many of the most common screw types, all neatly organized in a small cylindrical case. It also offers six adjustable torque settings, allowing you to use less power when working with fragile electronics or increase it when putting together a desk, bookshelf, TV stand, or other furniture. You can also switch between a slower 80RPM mode for more precise work and a faster 200RPM mode with the press of a button.

Hoto also added several features that make assembling projects a little easier. A built-in display lets you quickly check your current torque setting and remaining battery life, while an integrated LED light helps illuminate dim spaces, whether you’re working under a desk or inside a cabinet. The rechargeable 2,000mAh battery also charges over USB-C, so you won’t need to keep buying disposable batteries.

Continue Reading
Advertisement

Trending