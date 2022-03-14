Escobar is an upgraded version of the well-known Android banking Trojan, Aberebot, and can steal the credentials of up to 190 financial apps.

The great popularity of Android makes Google’s mobile operating system the a highly desirable target for cybercriminalswho are constantly improving their malware programs to circumvent the restrictions imposed by this.

Well, now Bleeping Computer analysts have discovered a new Trojan called “Escobar”, we don’t know if it’s as a tribute to the popular Colombian drug trafficker, who is able to bypass two-factor authentication.

“Escobar”, one of the most sophisticated Android banking Trojans

As Bleeping Computer researchers tell us, “Escobar” malware is not entirely new, as it is really an improved version of one of the most popular Android banking trojans, Aberebot.

One of the main characteristics of Escobar is that can steal multi-factor authentication (MFA) codes generated by the Google Authenticator appthus bypassing this security protocol of the American giant.

The way this malware works is no different from similar ones, since Escobar infects your device through a phishing SMS message or through a harmless-looking app from the Play Store and, once your terminal is infected, this Trojan performs an overlay procedure whereby shows you fake login screens in order to steal the credentials of your banking applications and cryptocurrency wallets. In this sense, we must emphasize that Escobar can steal the credentials of up to 190 financial apps.

Being a new malware, Escobar has some limitations such as its price, since cost a few thousand dollars and not all cybercriminals can afford this investment.

To prevent your smartphone from being infected with Escobar or any other banking Trojan, we recommend that you have your terminal updated with the latest Android security patch and that you check that you have activated the tool Google Play Protect in the Play Store.

