The Aberebot Android banking trojan has returned under the name 'Escobar' with new features, it can also steal your Google Authenticator multi-factor authentication codes, reported Being Computer.
Latest Aberebot version has new features like taking control of the infected Android devices using VNC, recording audio, and taking photos but all these features also have risk of potential theft by hackers.
These new hackers named as 'Escobar' can steal information from your smartphones like bank accounts, check your available balances, and perform unauthorized transactions.
BleepingComputer found a post by Russian hacking forum where the Aberebot developer promotes their new version under the name 'Escobar Bot Android Banking Trojan.' The beta version of the malware was put on rent for $3,000 per month to a maximum of five customers.
They also planned to raise the malware's price to $5,000 after development is finished, according to report.
Escobar shows login forms to hijack user communicatios with e-banking apps and websites and also how to steal credentials from victims.
They had lists of around 190 entities targeted banks and financial institutions from 18 countries to target in their latest version.
The malware requests 25 permissions from your smartphones like accessibility, audio record, read SMS, read/ write storage, get account list, disabling the keylock, making calls, and accessing precise device location. Once this information is collected it is uploaded to the C2 server, including SMS call logs, key logs, notifications, and Google Authenticator codes.
Later on all this information can be used to withdraw money from your account or make transactions in future.
Tips to stay secure from hackers
Avoid installation of APKs outside of Google Play store.
Avoid using a mobile security tool.
Ensuring that Google Play Protect is enabled on your device.
While installing a new app from any source decline requests for permissions.
Monitor app's battery and network consumption stats to identify any suspicious patterns.
