Money-draining smartphone virus hits 318 000 devices

Johannesburg - A recent version of one of the first malware viruses for mobile, has been found to have infected at least 318 000 Android users since July and it's looking to steal banking information. 

The Svpeng mobile banking Trojan was first under investigation in 2013 as a PC-grade mobile malware but has since been modified reaching an infection peak of 37 000 victims per day. 

READ: Huge spike in ransomware infections

Digital security firm, Kapersky Lab, recently discovered that the Svpeng virus had been lurking in Google’s Adsense advertising programme. 

“The attackers, intent on stealing bank card information and personal data such as contacts and call history, were exploiting a bug in Google Chrome for Android," said Kaspersky.

"Now that Google has fixed the bug, Kaspersky Lab experts can reveal the full details of the attack,” Kaspersky said in statement on Monday.

READ: Top SA Android malware revealed

The first known recent case of a Svpeng attack occurred in mid-July on an using the bug in Chrome for Android which discreetly downloaded itself onto the Android device. 

The attacks began by infecting an advert on Adsense and disguised itself as a browser update or an apk file – the standard file type of an Android application. 

Once installed and launched, the malware disappeared, making it harder to detect.

“The Svpeng mobile banking Trojan is designed to steal bank card information. It also collects call history, text and multimedia messages, browser bookmarks and contacts. Svpeng mainly attacks Russian-speaking countries, however it has the potential to spread globally,” Kaspersky said. 

READ: Here's how ransomware hits SA

Since its first attacks developers have been studying the virus while the malware’s creators had been testing it. 

Experts began investigating the virus with IBM developing countermeasures to detect it earlier. 

In 2015, Russian authorities arrested a 25-year-old and four other suspects believed to be behind the Svpeng virus, however the software has since resurfaced. 


Read Fin24's top stories trending on Twitter:

ZAR/USD
16.84
(-0.27)
ZAR/GBP
21.15
(+0.32)
ZAR/EUR
19.11
(-0.58)
ZAR/AUD
11.69
(-0.14)
ZAR/JPY
0.16
(+0.06)
Gold
1802.44
(+0.14)
Silver
19.07
(+1.63)
Platinum
826.18
(+0.59)
Brent Crude
43.02
(0.00)
Palladium
1965.00
(+0.71)
All Share
56199.46
(+1.41)
Top 40
51874.81
(+1.41)
Financial 15
10703.82
(+2.21)
Industrial 25
76910.63
(+1.02)
Resource 10
53327.86
(+1.61)
All JSE data delayed by at least 15 minutes morningstar logo
Company Snapshot
Voting Booth
Please select an option Oops! Something went wrong, please try again later.
Results
I'm not really directly affected
18% - 2005 votes
I am taking a hit, but should be able to recover in the next year
23% - 2621 votes
My finances have been devastated
35% - 3932 votes
It's still too early to know what the full effect will be
25% - 2810 votes
Vote