{"id":206788,"date":"2022-09-20T19:03:10","date_gmt":"2022-09-20T13:33:10","guid":{"rendered":"https:\/\/blog.forumias.com\/?p=206788"},"modified":"2022-09-20T19:03:10","modified_gmt":"2022-09-20T13:33:10","slug":"what-is-the-sova-virus-all-you-need-to-know-about-the-new-mobile-banking-virus","status":"publish","type":"post","link":"https:\/\/forumias.com\/blog\/what-is-the-sova-virus-all-you-need-to-know-about-the-new-mobile-banking-virus\/","title":{"rendered":"What is the Sova virus? All you need to know about the new mobile banking virus"},"content":{"rendered":"\n<p><b>Source: <\/b><span style=\"font-weight: 400;\">The post is based on the article<\/span><b> \u201cWhat is the Sova virus? All you need to know about the new mobile banking virus\u201d <\/b><span style=\"font-weight: 400;\">published in<\/span><b> Livemint <\/b>on<b> 19th September 2022.<\/b><\/p>\n<h5><b>What is the News?<\/b><\/h5>\n<p><span style=\"font-weight: 400;\">Indian Computer Emergency Response Team (<\/span><b>CERT<\/b><span style=\"font-weight: 400;\">&#8211;<\/span><b>IN<\/b><span style=\"font-weight: 400;\">) has given advisory on SOVA virus \u2013 a novel mobile banking \u201cTrojan\u201d virus that is currently targeting Indian customers.<\/span><\/p>\n<h5><b>What is SOVA?<\/b><\/h5>\n<p><span style=\"font-weight: 400;\">SOVA is a <\/span><span style=\"font-weight: 400;\">new mobile banking &#8216;Trojan&#8217; virus.<\/span><\/p>\n<p><b>Note: <\/b><span style=\"font-weight: 400;\">Trojan is a file, program, or piece of code that appears to be legitimate and safe but is actually malware. <\/span><span style=\"font-weight: 400;\">Malware is software intentionally designed to cause disruption to gain unauthorized access to information or systems.<\/span><\/p>\n<h5><b>How is SOVA targeting users?<\/b><\/h5>\n<p><b> <\/b><span style=\"font-weight: 400;\">SOVA malware hides itself within fake Android applications that show up with the logo of a few famous legitimate apps like Chrome, Amazon, NFT (non-fungible token linked to cryptocurrency) platform to deceive users into installing them.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">\u2013 Once the fake android application is installed on the phone, it sends the list of all applications installed on the device to the C2 (command and control server) controlled by the threat actor in order to obtain the list of targeted applications.<\/span><\/p>\n<h5><b>What information can SOVA collect<\/b><strong>? <\/strong><\/h5>\n<p><span style=\"font-weight: 400;\">SOVA can collect keystrokes, steal cookies, intercept multi-factor authentication (MFA) tokens, take screenshots and record video from a webcam and can perform gestures like screen click, swipe using the android accessibility service. It also has <\/span><span style=\"font-weight: 400;\">the capability to encrypt all data on an Android phone and hold it to ransom.<\/span><\/p>\n<h5><b>Can this application be deleted from the phone?<\/b><\/h5>\n<p><span style=\"font-weight: 400;\">SOVA protects itself from different victim actions For example, if the user tries to uninstall the malware from the settings or pressing the icon, SOVA is able to intercept these actions and prevent them by returning to the home screen and showing a toast (small popup) displaying &#8220;This app is secured&#8221;.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Source: The post is based on the article \u201cWhat is the Sova virus? All you need to know about the new mobile banking virus\u201d published in Livemint on 19th September 2022. What is the News? Indian Computer Emergency Response Team (CERT&#8211;IN) has given advisory on SOVA virus \u2013 a novel mobile banking \u201cTrojan\u201d virus that&hellip; <a class=\"more-link\" href=\"https:\/\/forumias.com\/blog\/what-is-the-sova-virus-all-you-need-to-know-about-the-new-mobile-banking-virus\/\">Continue reading <span class=\"screen-reader-text\">What is the Sova virus? All you need to know about the new mobile banking virus<\/span><\/a><\/p>\n","protected":false},"author":10317,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"footnotes":""},"categories":[1566,1738,9],"tags":[10501],"class_list":["post-206788","post","type-post","status-publish","format-standard","hentry","category-daily-factly-articles","category-science-and-technology-daily-factly-articles","category-public","tag-live-mint","entry"],"jetpack_featured_media_url":"","views":{"total":0,"cached_at":"","cached_date":1704908316},"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/posts\/206788","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/users\/10317"}],"replies":[{"embeddable":true,"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/comments?post=206788"}],"version-history":[{"count":0,"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/posts\/206788\/revisions"}],"wp:attachment":[{"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/media?parent=206788"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/categories?post=206788"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/tags?post=206788"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}