<img src="https://secure.leadforensics.com/69529.png" style="display:none;"> Apogee IT Services
Blog  |  FAQ
  • Apogee Aim Higher Website header
    What's going on in IT.

A New Smartphone Threat is Here

Posted on August 15, 2022
  
AdobeStock_308132547_Editorial_Use_Only (1)

Watch out, there is a new smartphone threat attracting ransomware to Android's and Gmail cookies. According to security researchers at Cleafy, a fraud online management and prevention solution company, a new threat may be stealing your Gmail, GPay and Google Password Manager cookies. 

"The latest variant of SOVA, dubbed v4 by Cleafy, conceals itself within fake applications that feature logos of legitimate apps like Amazon and Google Chrome to deceive users into installing them. Other notable improvements include capturing screenshots and recording the device screens. "These features, combined with Accessibility services, enable [threat actors] to perform gestures and, consequently, fraudulent activities from the infected device, as we have already seen in other Android Banking Trojans (e.g. Oscorp or BRATA)," Cleafy researchers Francesco Iubatti and Federico Valentini said." (TheHackerNews.com)

Forbes states, "This complex and powerful piece of Android malware is capable of intercepting two-factor authentication codes, stealing cookies and data, taking screenshots, and protecting itself from being uninstalled."

As ransomware attacks continue to effect businesses across the world, it is important for companies to ensure that their employees are aware of the steps they must take in order to not fall victim to one of these attacks. 

Employees can take several steps to increase security as a remote worker, including the following:

  • Use strong passwords with a consistent password reset policy
  • Set guidelines for personal data retention on user devices
  • Keep all user names and passwords safe and in a secure location;
  • Do not open any attachments or click on any links in e-mail messages that are unfamiliar or not from an email from someone you know
  • Regularly update software programs on personal devices
  • Use anti-virus and anti-spam software on personal and business devices
  • Consider changing administrator passwords and other settings on home routers and network systems consistently.’
  • Educate all staff connecting to the internet or network using simulated phishing emails and also online video training 

Apogee can help with each of these critical areas of protecting users and their data. We understand this is a time of uncertainty and want to be there for you and your company. Contact us today: https://www.apogeeitservices.com/contact-us 

Sources: https://thehackernews.com/2022/08/sova-android-banking-trojan-returns-new.html https://www.forbes.com/sites/daveywinder/2022/08/14/gmail-and-gpay-cookies-targeted-by-new-smartphone-ransomware-threat-to-200-apps/ 

11 keys to network security

Clients Canada

Learn More