Android banking malware steals data, evades security measures, executes commands

Summary: A new Android banking malware exploits Android manifest weaknesses to steal user data remotely. Capable of evading standard security measures, it exfiltrates IP addresses, contact lists, account details, SMS messages, photos, videos, and banking certificates. The malware can also execute commands like adding/deleting contacts, sending SMS, and adjusting device settings. Detected by Kaspersky, it hides its icon post-installation to avoid detection.

Full article