How do you make a cyber threat even scarier? Name it after one of the classic literary, cinematic “monsters”. Android users are on the lookout for a new type of malware called “The Invisible Man” that targets their mobile devices. This attack is not new to Android users.
This “Invisible Man” is just the latest attack that goes after a victim’s bank information and credit cards. This is a modified version of the Trojan virus that was originally developed by Russian hackers. The new feature includes a keylogger that keeps track of what someone types on their infected devices. Everything from personally identifiable information, passwords and banking credentials is up for grabs.
After that, malware makes its way onto the device as a Flash update. Which, of course, is not legit. It will likely appear with an offer to install a new version of the software, and then when you innocently download it, the attack begins. Once it is on a user’s Android phone or tablet or any other available device, the malware will start checking your phone’s language settings. If the phone is set to Russian, the malware aborts. If it’s anything else, then it proceeds to ask permission to use accessibility services. This is a clear sign that the Flash update is not genuine.
So why is it called “The Invisible Man”? Besides the fact that you don’t see it coming, it leaves you with some more unseen cyber drama. It installs a compromised SMS app that allows it to intercept a victim’s communications as they type messages to friends. This is how the malware steals vital information like login credentials and personal information.
It goes without saying, that it’s recommended users deny the ability for installation of software from unknown sources. For Android users to prevent installations from unknown sources, they need to open the Settings app and navigate to Security. Inside there, search for the option Unknown Sources and make sure the box next to it is not checked. This ensures that only apps downloaded from the Google Play Store can be installed on the device.
