Mobile Trojan Svpeng Steals through Services

A new variant of the Svpeng mobile banking Trojan that features keylogging functionality, a technique more commonly associated with targeted threat actors. The modified Trojan steals entered text such as banking credentials by abusing Android’s accessibility services and with this Trojan to grant itself other permissions and rights and to counteract attempts to uninstall it. Hence, it is suggested that simply keeping device software up to date does not protect against this Trojan.

To address the issue, Kaspersky Lab researchers discovered that Svpeng had evolved to abuse this system feature to steal entered text from other apps on the device and grant itself a number of additional rights....Read More