Hi Guys,

I hope that you are well 🙂 Another day, another set of apps that can empty your bank account in seconds. Yesterday, it was government spyware targetting any dissenting voices (see tip below), and today it is cyber criminals trying to steal your money. It is a jungle out there!

Security researchers David Warburton, Sander Vinberg, and Malcolm Heath at F5 recently discovered a new strain of Android malware that targets online banking customers with the ability to steal banking credentials and bypass multi-factor authentication codes.

As per their REPORT:

  • MaliBot disguises itself as a cryptocurrency mining app named “Mining X” or “The CryptoApp”, and occasionally assumes some other guises, such as “MySocialSecurity” and “Chrome”
  • MaliBot is focused on stealing financial information, credentials, crypto wallets, and personal data (PII), and also targets financial institutions in Italy and Spain
  • Malibot is capable of stealing and bypassing multi-factor (2FA/MFA) codes
  • It includes the ability to remotely control infected devices using a VNC server implementation

How do you stay safe?

Check your phone for these apps, and if you have them, delete them immediately and contact our team for more assistance. You will need to factory reset your phone (we can help with this) and change your banking credentials.

  • Mining X
  • The CryptoApp
  • MySocialSecurity
  • Chrome**

** It can just call itself Chrome to trick you. Check your installed apps to see if there is more than one Chrome instance on your phone. (If you use Chrome)

Please let me know if you need help with this or anything else.

All the best,

Max Roberts,
Incognito Privacy Care Team