Jump directly to the content

Security researchers have uncovered a new version of the Vultur banking trojan for Android.

A trojan is a type of malware that downloads onto a system disguised as a legitimate program.

Security researchers have uncovered a new version of the Vultur banking trojan
1
Security researchers have uncovered a new version of the Vultur banking trojanCredit: Alamy

Hackers often use social engineering methods, like phishing, to hide the malicious code within legitimate software.

Phishing is when attackers trick people into revealing sensitive information via email or SMS texts (smishing).

Once the software has landed on your device, it can discreetly infiltrate it to steal sensitive information.

And this new advanced version of Vultur is ringing alarms because it possesses more advanced remote control capabilities, Bleeping Computer .

VULTUR TROJAN

Vultur was first detected in 2021 by researchers at fraud detection company ThreatFabric.

Fast forward to 2022, the trojan was found being distributed over Google Play through malicious apps.

Now, researchers found that the trojan is pretending to be cybersecurity software from McAfee.

Scammers have been sending SMS texts to users saying they have detected an unauthorized transaction from their bank accounts.

The fraudulent message then asks the potential victim to call a number that will help them fix the problem.

WHAT HAPPENS IF I DOWNLOAD IT?

If you accidentally download the trojan onto your device, it will gain access to your Android device.

We were trying to buy our dream home & received an email on a special day - it became a 'nightmare' and we lost $775k

It can start recording your activity, steal your password information, and even allow hackers to take control of your device.

The newer version can also do things like download, upload, delete, install, and locate files on your phone.

HOW TO STAY SAFE

There are a few ways users can avoid coming into contact with malicious malware or trojans.

Phone scam statistics

Americans are bombarded with three billion spam phone calls a month. What are the figures regarding the number of victims and the amount of money lost to fraudsters

  • In 2022, Americans lost some $39.5 billion to phone scams, with 68.4 million US citizens affected, according to TechReport.
  • The average phone scam victim lost $567.41 each in 2021, a major rise on the 2021 figure of $182 per victim, according to Hiya.
  • The majority of scams happen over the phone, with fraudsters twice as likely to call compared to text in 2021, as reports the Federal Trade Commission (FTC).
  • In 2021, the US saw a 56% increase in spam phone calls with 60% of those being robocalls.
  • US residents experienced an average of 18 spam phone calls per month, although some experts believe the true figure may be as high as 31 per month.
  • Many phone calls from reputable businesses may be marked wrongly as spam, but 38% of companies have no idea whether they’re being marked as “potential fraud” or not, according to Hiya.
  • Never hand over any personal or financial information if you suspect a phone call is a scam. For instance, your bank will never ask you for such details in full over the phone. 
  • To cut down on spam phone calls and scams, sign up for the Do Not Call Registry. Telemarketers, by law, will need to check that list before they call you up.
  • Downloading third-party apps such as Hiya, Nomorobo, or Truecaller can help filter out annoying spam calls.
  • Try not to share your phone number unless you have to, especially online or with sketchy sources.

For starters, users are advised to avoid downloading apps from outside Apple or Google's official app stores.

Always keep your phone's software up to date as updates often include security patches.

Never download a link or open an attachment from an email or text message that seems strange, suspicious, or unfamiliar.

It's also important to install an antivirus on your device so it can scan for any malware.

Topics