CoreTech Blog

CoreTech Blog

CoreTech has been serving the Bowling Green area since 2006, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Sova, the Android Banking Malware, is Back and Worse than Before

Sova, the Android Banking Malware, is Back and Worse than Before

Even if mobile malware doesn’t have nearly as much of a presence in the cyber threat landscape as other major threats like ransomware variants, it is still just as dangerous under the right circumstances. An Android banking malware called Sova, for example, has returned with a vengeance with additional features to make users’ lives miserable.

What is Sova?

As an Android banking malware, Sova can provide criminals with back-end access to devices so they can cause all kinds of problems later on. Although it was originally released in September 2021 in an incomplete stage, it was still able to steal usernames and passwords through tactics such as keylogging and false overlays atop popular mobile applications.

Sova is more dangerous nowadays, as it is capable of deploying malware to infected devices, along with having a whole other lot of nasty features. It is remarkably flexible in that it can replicate over 200 banking and payment applications, as well as target cryptocurrency wallets. Sova is also able to take screenshots of infected devices and record audio through their microphones.

So, yeah, Sova is just a little scarier now.

Security researchers at Cleafy state, “The ransomware feature is quite interesting as it's still not a common one in the Android banking trojans landscape. It strongly leverages on the opportunity that arises in recent years, as mobile devices became for most people the central storage for personal and business data.”

Furthermore, Sova can weasel its way past multi-factor authentication measures by intercepting MFA tokens, even if the user has deployed multi-factor authentication to protect themselves.

How Can You Avoid This Threat?

Sova and other Android malware variants typically spread through fraudulent applications hosted on the Google Play store. If a user downloads the app, they are infected by Sova. We encourage all users to practice a certain level of caution and scrutiny with any downloadable applications, and you should never download an app from anywhere other than a trusted first-party source. It helps to look at reviews and descriptions of applications as well.

With mobile device management tools at your disposal, you can protect your business from mobile threats like Sova. With powerful enterprise-level security, you can whitelist or blacklist applications, remotely wipe infected devices, and so much more. With these solutions in place, you won’t be afraid of mobile threats.

To learn more, contact CoreTech at (270) 282-4926.

Employee Awareness Is Your Best Security
Is Your Business Equipped for Modern Collaboration...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Wednesday, 25 December 2024

Captcha Image

About CoreTech

CoreTech has been serving the Kentucky area since 2006, providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses. Our experience has allowed us to build and develop the infrastructure needed to keep our prices affordable and our clients up and running.

get a free quote

Recent News

Last week, we discussed why X—the social media network once known as Twitter—has been losing many users. Here, we wanted to direct those seeking a move to consider the up-and-coming platform known as Bluesky in case you were one of those jumping ship...

Contact Us

1711 Destiny Lane Suite 116
Bowling Green, Kentucky 42104

Mon to Fri 8:00am to 5:00pm

[email protected]

(270) 282-4926


Nashville Managed IT
Louisville and Lexington Managed IT
Bowling Green Managed IT
Clarksville Managed IT