Formbook is not a new threat, security experts have been warning about this uninvited visitor for several years. At the same time, this malware attacks in waves, which is why it is not advisable to underestimate this threat – despite the current decrease in detections.
It is a stealth malware that steals credentials from web browsers, takes screenshots, tracks keystrokes, and can download and execute files based on commands from a command and control server. The malware only attacks Android devices.
They promise extra income from home, then turn the trusting into white horses
Safety
Avoids detection
At the same time, users may not even know that their phone or tablet is attacked by Formbook. “He uses a number of tricks and techniques to avoid detection. It is usually spread through phishing emails and attachments, so the best way to prevent infection is to carefully monitor all emails that look suspicious or come from unknown senders,” Tomáš Růžička, Check Point’s security expert, warned earlier.
The security experts of the antivirus company Eset, who regularly compile a list of the most widespread malicious codes every month, warned about Formbook especially at the beginning of this year. At that time, he attacked more and more often in the Czech Republic.
The number of detections increased from December’s 3.68% in January to 4.14%, but in February it was already 9.61%. During March, however, there was a drop to 7.36%, and April’s figures showed that this uninvited visitor was on the decline again – Formbook’s share was 3.35%.
In May, this uninvited visitor did not even make it into the top ten most widespread malicious codes that attack devices with the Android operating system. In other words, his share must have been less than 1.89%. Agent.MGC, which closes the list of the ten most widespread viruses, had such a share.
Dangerous Andreed
Most often in the past month, owners of smartphones and tablets with Android could encounter the malicious Andreed code, which Novinky.cz warned about earlier. Its share among other threats was 16.42%.
Andreed belongs to the malicious code of the adware type. Therefore, the attackers do not try to steal any sensitive data through it, but they display excessive advertising on the attacked machine, from which they subsequently profit.
“The package could not be delivered.” Fraudulent SMS are bombarding the Czech Republic
Safety
