Svpeng, the Android trojan that becomes a keylogger
A new threat has been detected called Svpeng, a Trojan for Android that becomes Keyloggerthat takes advantage of a series of very specific services of this operating system to be able to steal data to the users.
This is a variant of the well-known banking Trojan Svpeng but now has been strengthened and is able to enter Android to perform Keylogger functionality to get high permissions in the system.
Use accessibility services
To infect the user’s terminal, the Trojan must have some input path. In this case, it pretends to be a flash playback app which is actually fake, once it is activated by the user, it asks for a series of fairly specific permissions.
This fake app spreads via infected web pages, according to Kaspersky. Once the user accepts the permissions to use the accessibility services that the application requires, the Svpeng Trojan automatically enters our system and can perform several actions such as the following:
– Screenshots: It can take screenshots in the app from banks to steal all the access credentials that you enter when you want to consult or make operations in your bank account.
– Capture other apps: It can also take a picture when the Trojan detects that we will enter a password, either in a banking app or any other in Gmail, Hotmail, etc.
– Replacement of apps: The Trojan is able to replace the Android message app to manage them, so you can even send and receive SMS.
– Other actions: It can call and even view our contacts as well as having the ability to prevent them from being uninstalled.
As you observe, the Trojan Svpeng has different ways of acting. The alarming thing about this threat is that it can affect any Android device whether or not it is up to date with updates, so no one practically gets rid of it being infected.
If there is any good news is that still, their threat level is not so high and also the largest percentage of users affected is in Russia followed by other European countries among which is currently not our country.
But be careful because that does not mean that at any moment a user can be affected by the Trojan Svpeng, so you must be careful when granting “rare” permissions.
Of course, you should never download anything that you consider suspicious, in addition to the recommendation to have off unknown sources to not install apps outside the Google Play store because at any time you can become infected by the Trojan Svpeng that acts as a Keylogger on your Android phone.