Malware That Empties Users' Accounts

Thursday, February 06, 2025

SAEDNEWS: The Android malware BingoMod can delete all the data on your device.

According to SaedNews, as reported by BleepingComputer, a new Android malware called "BingoMod" can delete the victim's device data after successfully stealing money from their bank accounts. This malware spreads through text messages and appears to be a security tool or antivirus due to its deceptive name.

BingoMod appears to be a legitimate security tool, but once installed and confirmed, it can steal up to €15,000 per transaction. Researchers note that this malware is currently in active development, with its author focusing on adding code obfuscation features and various evasion mechanisms to reduce detection rates.

Android Malware for Draining Bank Accounts and Deleting Phone Data

Like other dangerous malware, BingoMod is designed to steal money by accessing your financial accounts. Additionally, BingoMod can perform on-device fraud (ODF), allowing hackers to easily bypass the phone's security systems.

BingoMod is distributed through phishing SMS messages and uses various names to appear as a security tool, antivirus, or update, such as:

  • APP Protection

  • Antivirus Cleanup

  • Chrome Update

  • InfoWeb

  • SicurezzaWeb

  • WebSecurity

  • APKAppScudo

In one instance, the malware even used the icon of the free AVG antivirus available on Google Play. After the victim clicks the link in the SMS, the malware requests Accessibility Services permission during installation to gain control of the device. Once this permission is granted, BingoMod steals all input data, takes screenshots, and intercepts SMS messages.

To carry out on-device fraud (ODF), the malware creates a socket-based channel for receiving commands and an HTTP-based channel for sending screenshots to hackers, allowing real-time remote control of your phone.

Commands that hackers can remotely send to BingoMod include clicking on specific areas, opening applications, and typing text. Additionally, if the malware is registered as a management program on the victim's device, the hacker can remotely send a command to wipe the device's data. Researchers state that this is mainly executed after successfully draining the bank account and only affects the device's external storage. However, hackers can also access the settings remotely and reset the phone, completely erasing its data.

Since BingoMod can bypass Android antivirus apps, the only way to stay safe is to be cautious of phishing SMS messages. If you receive a message from an unknown number, do not click on its links or respond.
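As a defender-side check for the behaviour described above (an app installed from an SMS link that is granted Accessibility Services), the following added example, which is not from the original article or the researchers' report, parses captured output of `adb shell pm list packages -i` and `adb shell settings get secure enabled_accessibility_services` and lists accessibility services owned by packages that did not come from a trusted store. The package names, sample output and trusted-installer set are constructed assumptions.

```python
import re

# Assumption: installers treated as trusted app stores; adjust per fleet.
TRUSTED_INSTALLERS = {"com.android.vending"}
PKG_LINE = re.compile(r"^package:(\S+)\s+installer=(\S+)$")

# Constructed sample output (hypothetical package names, not real IoCs).
SAMPLE_PM = """\
package:com.google.android.marvin.talkback  installer=com.android.vending
package:com.example.websecurity  installer=com.android.packageinstaller
package:com.example.notes  installer=null
"""
SAMPLE_A11Y = ("com.google.android.marvin.talkback/"
               "com.google.android.marvin.talkback.TalkBackService:"
               "com.example.websecurity/.CoreService")


def parse_installers(pm_output):
    """Map package -> installer (None if unset) from `pm list packages -i`."""
    installers = {}
    for line in pm_output.splitlines():
        m = PKG_LINE.match(line.strip())
        if m:
            pkg, inst = m.groups()
            installers[pkg] = None if inst == "null" else inst
    return installers


def parse_accessibility(setting_value):
    """Map package -> service classes from the colon-separated setting."""
    services = {}
    value = setting_value.strip()
    if not value or value == "null":  # no accessibility service enabled
        return services
    for component in value.split(":"):
        pkg, _, cls = component.partition("/")
        if pkg:
            services.setdefault(pkg, []).append(cls)
    return services


def flag_sideloaded_accessibility(pm_output, setting_value):
    """Return (package, installer, classes) for services needing review."""
    installers = parse_installers(pm_output)
    return [(pkg, installers.get(pkg) or "unknown", classes)
            for pkg, classes in sorted(parse_accessibility(setting_value).items())
            if installers.get(pkg) not in TRUSTED_INSTALLERS]
```

A hit is a prompt for manual review rather than a verdict, since preinstalled system apps can also report no installer.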