Post upvoted and reblogged @moonunit. I still don't see what can be done, other than simply don't use the effected apps, so if you have or come up with more insight about that, please share
You are viewing a single comment's thread from:
Post upvoted and reblogged @moonunit. I still don't see what can be done, other than simply don't use the effected apps, so if you have or come up with more insight about that, please share
Thank you @jerrysuseer I try to keep myself up to date on new attacks. When they involve the crypto space I do all I can to get the word out to as many as possible.
I copied most of the details of your post, used it as the basis of a msg I sent to the two banks that I use, Wells Fargo, and USAA that I was concerned about this new virus.
WF replied that they had checked and there was no virus in their system.
I thank you for the heads up, and I've warned my friends to beware of it as well.
Thank you @moonunit
That is great that they responded to you but they should't have been scanning their system. The issue is not with them specifically, rather with the infrastructure its running on I.E. Android. The compromised app once installed is logging information that should be secured in a TEE (trusted execution envirnoment) which is a secure part of the CPU on your device. This would be best practice for android devices but they may not use it due to lazy devs etc. Apple do not use TEE on their devices, they use TAP (trusted application protocol I believe) just as an FYI.
I haven't seen the detail on where the malware is picking up the information, I.E. if its in a TEE but I highly doubt it. I would say that it is monitoring transactions like device to server etc.