6.8.2021 | Researchers discovered a new Trojan Malware dubbed Vultur
The researchers from Amsterdam based cybersecurity firm ThreatFabric has discovered a new malware dubbed as Vultur which uses a new way to record login credentials on Android devices.
According to ArsTechnica, Vultur forgoes the previously standard way of capturing credentials and instead utilizes virtual network computing (VNC) with remote access abilities to record the screen when a user enters their login details into specific applications.
According to ThreatFabric, Vultur works by relying heavily on Accessibility Services found on the Android device. When the malware is started, it hides the app icon and then "abuses the services to obtain all the necessary permissions to operate properly."
The biggest threat Vultur brings is that it records the screen of the Android device it's installed on. Using the Accessibility Services, it keeps track of what application is running in the foreground. If that application is on Vultur’s target list, the trojan will start recording and will capture anything typed or entered.