More Tech
BAD BOT

Android warning for BILLIONS as malware that STEALS your passwords is spotted growing ‘more dangerous’

By Jona Jaupi
26th May 2022, 9:35 pm
Updated: 26th May 2022, 9:47 pm

A DANGEROUS new malware that targets Android devices has been uncovered by cybersecurity experts.

In 2021, researchers discovered a malware designated ERMAC that was attacking Android devices.
SOPA Images/LightRocket via Gett
A dangerous new malware that targets Android devices has been uncovered by cybersecurity experts.

Now, cybersecurity experts from ESET have found that a new version of the Banking trojan – dubbed ERMAC 2.0 – is active.

The malware targets Android devices via 467 apps that steal users’ credentials and bank information.

ERMAC 2.0 does this by impersonating popular and genuine apps, according to cybersecurity experts.

 also found that threat actors can rent the malware for a hefty monthly fee of $5,000.

Read more on malware

CYBER WAR

China starts 'cyber-espionage battle' on Russia with malware plot, report claims

NOT FUNNY

Android warning over 'Joker' malware as users are told to delete seven apps NOW

ERMAC 1.0, which was discovered officially in August 2021, utilized 378 apps and was being rented for $3,000 a month.

“We have observed that the ERMAC 2.0 is being delivered through fake sites,” Cyble Labs noted in a blog post.

The experts added that EMRAC 2.0 also spreads through fake browser update sites.

How does it work?

Once someone installs ERMAC 2.0 via a fraudulent app, the malware requests as many as 43 permissions from their device.

Most read in Tech

TELLY ALL ABOUT IT
Sky reveals channels that vanished in 2025 and codes for 29 new ones
I-PHONEY
Simple iPhone mistake everyone makes could result in bank-raiding attack

These permissions, if granted, may enable the bad actors to take full control of a victim’s device.

Other permissions can get the hackers SMS access, contact access, system alert window creation, audio recording, or full storage read and write access.

Certain permissions can also create a list of apps installed on the victim’s device and share that data with the hacker’s C2 server, according to

This can result in a complex phishing scheme that harvests the user’s data whenever they try to log onto the affected app.

Some phishing pages being used to trick the victims include banking applications such as Japan’s bitbank, India’s IDBI Bank, Australia’s Greater Bank, and Boston-based Santander Bank, per

How to protect yourself

Several restrictions placed on Accessibility Service abuse protect devices running Android 11 and 12, according to .

See more

Read More On The Sun

MOM'S HORROR

Texas shooter's haunting last conversation with mom & odd 18th gift revealed

BABY UPDATE

Little People's Zach & Tori Roloff reveal if newborn son Josiah has dwarfism

However, users are still advised to avoid downloading apps from outside Google’s Play Store.

Even if an app is on Google’s Play Store, users should remain vigilant about its legitimacy.

We pay for your stories!

Do you have a story for The US Sun team?

Email us at exclusive@the-sun.com or call 212 416 4552. Like us on Facebook at  and follow us from our main Twitter account at 

Exit mobile version