The malware, called WannaHydra, has the ability to intercept information, collect call logs, access contacts, and take pictures of a contaminated device.
Until now, malware seems to target mainly customers of Santander, Itaú and Banco do Brasil.
Once WannaHydra is installed on a smartphone, it notifies the user of an alleged problem with its bank account and asks for the username and password to be resolved.
In order to be more reliable, malware displays a page that mimics the bank's official page, which increases the likelihood that the user will be fooled and give their data.
Nikolaos Chrysaidos, a security researcher at Avast, said in a press release that this was the first time the company detected a virus that is at the same time banking Trojan and ransomware.
The best way to protect yourself from such incidents is to use an antivirus application and avoid downloading apps from unofficial sites and stores. In addition, it is very important to keep your data back up. Here are six simple steps to protect you from WannaHydra:
- Be always cautious: Banking applications never ask customers for login because of alleged accounting irregularities. Generally, such contacts are made by phone and the customer is invited to appear at one of the bank's branches. So, if such a message appears on your device, ignore it.
- Use antivirus and firewall programs: It's very important to use trusted applications to block malware, viruses and other malware, especially on Android devices, as they are more vulnerable.
- Do not click on suspicious links: Avoid clicking any link you are sent through E-mail which is supposed to come from your bank or from other sources or websites.
- Enable Google Play Protect: If you are an Android user, open the application Google Play Store, tap on Μενού (the three parallel bars), select Play Protect and check your native Android defense status.
- Avoid installing applications manually or through third-party stores: Third-party stores can spread dangerous content, so it's best not to install apps from them.
- Make regular backups of your data: Backups will save your data if your device becomes a victim of a ransomware attack. All you have to do is restore your factory settings, reset your device and transfer your data.