S.O.V.A – The most feature-rich Android malware

In August 2021, Researchers of Threat fabric revealed Android malware SOVA.

On Saturday, the new version of this malware grabbed headlines again. Shopping apps, cryptocurrencies, and banking applications are the prime targets.

The present-day version also consists of features to steal credentials and session cookies through web overlay attacks, lab keystrokes, hide notifications and carry out DDoS attacks. Two-factor Authentication codes can also be hacked using this. 

Researchers added that “The second set of features, added in the future developments, are very advanced and would push S.O.V.A. into a different realm for Android malware making it potentially one of the most advanced bots in circulation”

The US and UK are the top two countries that have been targeted by this malware. Russian, Spain, and Italy are also present in the list. 

Combining financial malware with automation and botnet capabilities, this bot could be one of the most advanced in circulation.