Although active since 2021, there’s an Android trojan (click link) that keeps improving on what it can do. If you own an Android smartphone, you need to read this post.
Its Name
“SOVA Android Malware” is the trojan we’re talking about in this post. Oddly, SOVA means “Owl” in Czech. (Some websites claim it’s Russian for “owl” but my research shows that it’s Czech.) The destructive software is found on the dark web and its author is unknown at this time.
What It Can Do
Originally, this trojan could infect banking and shopping apps. (Latest version targets over 200 apps.) It would steal credentials for logging into these types of sites. However, massive improvements have been made in the year it’s been around. (That is, from a hacker’s point of view.)
Current versions of SOVA can intercept two-factor authentication codes; take screenshots; and steal data. Also, it attempts to steal your Gmail, GPay, and Google Password Manager cookies. It can even protect itself from being uninstalled. Finally, ransomware (click link) can be put on your phone by the version currently being developed.
How You Get It
The SOVA trojan masquerades itself as a legitimate shopping, banking, or financial app. Most of the time, these fake apps come from third-party download sites. However, even in the Google Play Store, you need to be careful that an app is what it says it is. The best thing to do is review the comments to see if there are negative entries outlining security issues.
Additionally, it may be downloaded when you visit a financial or shopping website in your phone’s browser. SOVA will put an “overlay” onto a legitimate website and it will capture all your log-in information.
iPhone Users
The SOVA trojan malware doesn’t affect (or infect) the iPhone. Still, you should warn your Android-user friends!
Wow this is getting so scary. I can’t even imagine how many people is going to get caught in this Trojan. Thank you John for making us aware of all these dangers.
Marie Jeanne…Yes, it is scary sometimes but the more we know as computer users the safer it becomes. Thanks for your comment and stay safe online!
What can an Android user do to protect against this malware?
Steve…That’s an excellent question. First, make sure you have an anti-malware program installed on your Android phone. Second, don’t download apps from 3rd- party sites. (Google Play Store only.) Next, don’t visit financial sites in the phone browser IF the institution has an app – use the app instead. Further, don’t click on links in texts or emails that you aren’t 100% legitimate. Just because a text looks like it’s coming from someone you know doesn’t mean they are the ones really sending it. Finally, question everything!
Thanks, John. I’ll pass on this info to our friends.
Thanks for the warning, and suggestions on how to prevent infection!
Pastor Anil…You’re welcome. Thanks for reading my blog posts!