New Android banking malware has the potential to take over your phone 

Published April 13, 2022
Author: Ash Khan

According to cybersecurity analysts, a popular mobile banking malware has been modified and repackaged for sale on dark web forums.

Experts have detected Octo, a highly dangerous Android malware strain that lets malicious actors operate the infected device remotely.

The attacker performs remote actions through the Accessibility Service and watches the screen through a live-streaming module built on Android's MediaProjection.

The attacker can fool the user into believing the device is switched off by blacking out the display. The malware may also turn off all notifications and set the display brightness to zero.

Once the device is ready, the attacker can carry out a variety of tasks, such as sending text messages, altering the clipboard, copying data, and so forth. The malware also functions as a keylogger, facilitating the theft of passwords and credit card information.
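For teams that vet apps before allowing them on managed phones, the sketch below is an added example (not from the original article or the researchers' tooling) that checks a decoded AndroidManifest.xml for the pairing described above: an Accessibility Service together with a MediaProjection screen-capture service. It assumes the manifest has already been decoded to plain XML (for instance with apktool); the sample manifest and package name are constructed, and since legitimate apps can declare both features, a hit means "review", not "malicious".

```python
import xml.etree.ElementTree as ET

# Attribute names in a decoded manifest carry the android: namespace.
ANDROID = "{http://schemas.android.com/apk/res/android}"

# Constructed manifest for illustration; not taken from any real sample.
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.fastcleaner">
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.FOREGROUND_SERVICE"/>
  <application>
    <service android:name=".HelperService"
        android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE"/>
    <service android:name=".CastService"
        android:foregroundServiceType="mediaProjection"/>
  </application>
</manifest>"""


def triage_manifest(xml_text):
    """Return a sorted list of remote-control-related traits in the manifest."""
    root = ET.fromstring(xml_text)
    perms = {p.get(ANDROID + "name") for p in root.iter("uses-permission")}
    traits = set()
    for svc in root.iter("service"):
        # A service guarded by this permission is an accessibility service.
        bound = svc.get(ANDROID + "permission")
        if bound == "android.permission.BIND_ACCESSIBILITY_SERVICE":
            traits.add("accessibility_service")
        # Foreground service types can be combined with '|'.
        fg_types = (svc.get(ANDROID + "foregroundServiceType") or "").split("|")
        if "mediaProjection" in fg_types:
            traits.add("screen_capture_service")
    if "android.permission.SEND_SMS" in perms:
        traits.add("send_sms")
    return sorted(traits)


def needs_review(traits):
    # Input control plus screen streaming is the pairing the article describes.
    return {"accessibility_service", "screen_capture_service"} <= set(traits)


if __name__ == "__main__":
    found = triage_manifest(SAMPLE_MANIFEST)
    print(found, "-> review" if needs_review(found) else "-> ok")
```
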

After obtaining a sample, the researchers determined that Octo is essentially an improved and further-developed variant of an older Android malware known as ExoCompact.

ExoCompact is a trojan whose author allegedly quit in 2018 and whose source code was leaked online. Nevertheless, the experts now say that Octo is being offered by the very same hacker, an entity known as “Architect” or “goodluck.”

They were able to link the malware to seven mobile apps available on the Google Play Store.

Although all of the applications have been deleted from Google’s app store, at least 50,000 phones have already been affected. 

On the other hand, Sitelock, which was founded in 2008, now secures over 12 million sites globally. Sitelock, the world leader in website security, is the only security solution that offers comprehensive, cloud-based website security, and it is provided by IT Company. Its 360-degree monitoring detects and resolves threats, eliminates further assaults, speeds up website performance, and ensures PCI compliance for organizations and sites of all sizes.