Malware Vulture is recording the screen

Malware Vulture is recording the screen

Smartphones using the Android operating system can fall prey to malware. (Photo: t3n)

This approach is new: hackers use Vulture malware to spy on the cell phone displays of affected people by recording it. The Trojan descends through the installation of an app on the user’s smartphone – they can hardly get the Vulture away from there.

A new malware is causing turmoil in Android-cosmosuniverse. Vulture spies on cell phone screens of users who have security guard app downloaded to keep. Trojan records screen data, ThreatFabric’s IT security researchers found malware in early March 2021. According to their report, Vultr is particularly interested in online banking and crypto wallet data. Users in Italy, Australia and Spain are particularly affected. HSBC and Santander banking apps have been spied on.

vulture is one remote-access-trojanerWhich enables third parties to access and control the smartphone remotely. The malware uses Virtual Networking Computing, or VNC for short, for this. In general, data can be called, saved and transmitted in this way. For remote access, the Trojan uses the Ngrok program, which enables remote access to the affected device’s VNC server. Using VNC also enables screen recording, which, according to ThreatFabric, falls under the term “remote screen sharing.” Plus, Vultr has access to accessibility services. Everything that the user puts into the apps the malware is interested in is recorded and saved by the intruding bot.

Screen recording instead of website replication

The use of screen recording in this context is particularly new. Previously the malware in this area basically recreated a website to prompt the user to enter their data. Instead, Vultr records data from the display and thus gains access to passwords, eg. This process is simpler than the usual website replication process till now.

It will be difficult for those affected to get rid of the app

Because of this process, security experts at ThreatFabric named the malware Vulture, which stands for Vulture. Like the bird of prey, the malware spies on unsuspecting users and thereby obtains their banking data, among other things.

Almost finished!

Please click on the link in the confirmation email to complete your registration.

Would you like more information about the newsletter?
Learn more now

In addition, the Protection Guard app, which introduced malware, cannot be easily removed. Vultur prevents users from reaching the point of being uninstalled by malware in their smartphone’s settings, which repeatedly takes the user back to the relevant menu. This means the affected people do not hit the uninstall button. To resolve this issue, Android users can go to “Device Management Apps” in Settings under the menu item “Security & Location” and remove the Security Guard app. It should be possible to deactivate then. This Connect. I get advice from colleaguesBut could not be verified.

You may also be interested in

More from Laurence Porter
Android 11 will sometimes pressure you to use the built-in camera app
Android 11 is getting rid of the digital camera picker, so 3rd-get...
Read More
Leave a comment

Your email address will not be published. Required fields are marked *