This is malware that specializes in stealing bank passwords-Information Technology

Recently, security researchers at Cyble and ESET discovered ERMAC 2.0 malware, which specializes in stealing passwords and targeting banking applications.

The ERMAC 2.0 malware is currently for sale on the dark web with a monthly subscription cost of $5,000 (an increase of $2,000 per month compared to the old version).

Subscription costs spiked not only due to inflation, but also because version 2.0 was packed with more features, capable of stealing logins and sensitive data from more than 467 apps, up from 378 previous application.

When the victim mistakenly installs ERMAC 2.0 on the phone, the malware will request permission to use the Accessibility Service to take full control of the device. The researchers found that the trojan granted itself 43 permissions, including access to SMS messages, contacts, creating system alert windows, recording audio, and so on.

When a user tries to launch an application on the phone, the trojan launches a phishing website with an almost similar interface, thereby collecting sensitive data.

Researchers have detected ERMAC 2.0 in the wild, spoofing the Bold Food app (a food delivery service in Europe) and attacking consumers in Poland.

Fake apps are a “common weapon” of cybercriminals, which is why you should only download apps from legitimate sources, like Google Play or the App Store.

Not long ago, Google’s threat analysis team (TAG) accused Cytrox (a secretive company based in North Macedonia) of selling access to four zero-day security holes in the Google browser. Chrome and Android for hackers affiliated with the government.

Hackers then exploited the vulnerability and carried out an attack campaign with the Predator spyware.

The researchers believe that the hacker group that bought Predator spyware is based around the world, including Greece, Serbia, Egypt, Armenia, Spain, Indonesia, Madagascar and Ivory Coast (Cote d’) Ivory).

In addition, Google’s threat analysis team (TAG) also warns of a worrying new trend: the majority of zero-day vulnerabilities they discovered last year were intentionally “developed” by developers. Private surveillance companies like Cytrox. “Seven out of nine zero-day vulnerabilities discovered in 2021 are sold and used by government-backed organizations.”