Svpeng — This is a mobile banking Trojan. The discovered version of Zlovred received the functionality of the Keilger: the program is able to record the keystrokes on the device, which allows you to intercept confidential information, say, logins and passwords.
Trojan spreads through harmful websites under the guise of a false flash player. After penetrating the device, SVPENG requests the rights to access to functions for people with disabilities. As a result, the malware acquires a lot of additional privileges: for example, gets access to the interface of other applications and the ability to make screenshots of the screen every time a symbol is gained on the virtual keyboard.
Malicious program is able to block the windows of other applications. This allows Trojan to display its own phisho window over the interface of the banking application — Such tactics allows you to mislead the victim and receive confidential data.
In addition, Trojan appoints himself an application for SMS by default, gets access to contacts, and also betrays the right to make calls. Plus, any attempts are blocked to disable the administrator privileges of evil. Thus, Trojan makes his removal as difficult as possible.
The bulk of the new version of the new version of SVPENG came to Russia (29 %), Germany (27 %), Turkey (15 %), Poland (6 %) and France (3 %).
- Kaspersky laboratory