How to save your Android phone from Octo malware
There is a new strain of malware on the internet that is attempting to take control of your Android device. Once installed, “Octo,” as it is generally known, can both view and manipulate your screen remotely, all without your knowledge.
So, let’s take a look at how Octo got started, how it works, and how you can avoid it.
What exactly is Octo malware?
Octo was discovered and reported on for the first time by ThreatFabric, which identified the strain as an evolution of the Exobot malware family.
Exobot malware has been primarily targeting financial activity since 2016 and has mutated into multiple strains over time. ThreatFabric has now detected a new strain dubbed ExobotCompact. D: However, on the dark web, the malware is referred to as “Octo.”
Numerous hackers attempt to gain access to your accounts using their personal devices by phishing for your login credentials and MFA codes.
Octo, on the other hand, enables malicious actors to remotely access your Android phone, a practice known as on-device fraud (ODF). ODF is very risky, as the activity does not originate from a remote location, but from the device on which your accounts and networks rely.
How Octo malware works
Octo hijacks Android’s MediaProjection feature in order to remotely stream your smartphone’s activity. While it is not a perfect live stream (the video goes at approximately one frame per second), it is sufficient for hackers to see what they are doing on your device.
However, before they can do anything, they will employ Octo to take over AccessibilityService.
But, you will not see any of this because Octo uses a black overlay on your screen in addition to silencing any notifications that may be received. Therefore, while your phone may appear to be turned off, hackers consider it to be open season on your Android smartphone.
From here, hackers can conduct a variety of operations on your smartphone remotely, including taps, gestures, text entry, text pasting, long-clicks, and scrolling.
Additionally, a hacker is not required to perform these tasks manually. Rather, they can just “inform” the virus what they want it to do, and the malware will take care of the rest.
As you may understand, the potential scope of fraud is much increased here, as it does not require a human to sit and go through the stages one by one.
How Octo malware affects your Android phone
It’s capable of a great deal once it is installed on your device. It can function as a keylogger, recording every action you do on your smartphone, including your lock pattern or PIN, the URLs you visit, and any screen taps.
Additionally, it is capable of scraping your contacts lists, intercepting SMS messages, and recording and controlling phone calls.
But, how can Octo obtain access to your Android phone? Well, as is the case with many malware attacks, hacked apps are a primary vector for infection.
According to ThreatFabric, the software “Fast Cleaner” had Octo as well as other malware kinds and had been downloaded over 50,000 times before Google deleted it from the Play Store. The app mostly targeted European bank customers and convinced them to install Octo by posing it as a “browser update”.
Additionally, a screen recorder dubbed “Pocket Screencaster” is impacted, as is a suite of bogus financial apps meant to deceive users of legitimate banks into downloading them.
How to save your Android phone from Octo
The key to avoiding Octo is to always exercise sound cybersecurity on your Android device. Never download an app from the Play Store until it has been thoroughly vetted.
While Google’s rejection system has improved significantly over the years, hacked apps continue to pass through on a regular basis.
Next, be particularly suspicious of apps that require you to download a separate app or to install an update via a link provided by the developer rather than the Play Store. Legitimate applications want you to utilise them, not to click on a dubious link to download another application.
Similarly, updates to your apps will come via the Play Store, not the app’s own update site. These are standard malware installation techniques, which you can avoid by just being mindful of your Android actions.
Also read: Does digital technology affect cognition?