The report also noted, “Whatever the malware collects is uploaded to the C2 server, including SMS call logs, key logs, notifications and Google Authenticator codes.”
Escobar is doing malware Targeting Android users
This is not the first time such a banking Trojan has been circulating. In 2021, an Aberebot Android bug with similar capabilities targeted hundreds of Android users. The ‘Escobar’ is more or less similar to the Aberebot but comes with more advanced capabilities. According to the report, ‘Escobar’ Trojan takes full control over the targeted device and takes photos. Also records audio and expands target apps for credential theft.
Unlike other Android malware, ‘Escobar’ targets users through APK files installed on the web. Most other malware is usually available in the form of applications on the Google Play store.
It overlays login forms to hijack user interactions with online banking apps and websites. In most cases, viruses like Escobar take over the banking accounts of users and lead to unauthorized transactions.
How to Stay Safe from Android Malware
Android users should ensure that they do not install APK files from outside the Google Play Store.
Users will have to enable the Google Play Protect option on their smartphone, which tells if the user is in the process of installing malware on their device.
Users should keep an eye on the general permissions asked by a particular app. This will help them identify apps or files that install malware on those devices or apps.
One should always check the name, details etc. before installing on the device.