From thehackernews.com
An Android banking trojan designed to steal credentials and SMS messages has been observed once again sneaking past Google Play Store protections to target users of more than 400 banking and financial apps, including those from Russia, China, and the U.S.
“TeaBot RAT capabilities are achieved via the device screen’s live streaming (requested on-demand) plus the abuse of Accessibility Services for remote interaction and key-logging,” Cleafy researchers said in a report. “This enables Threat Actors (TAs) to perform ATO (Account Takeover) directly from the compromised phone, also known as ‘On-device fraud.'”