Countries
Close
English English Portuguese Português (PT/BR) 한국어 Korean 한국어 Japanese 日本語 chinese 中文 vitenam Tiếng Việt
Home BingoMod Android Malware Wipes All Your Device Data After Stealing Your Money
News

BingoMod Android Malware Wipes All Your Device Data After Stealing Your Money

Krishi Chowdhary Journalist Author expertise
Updated:
Disclosure
Disclosure
In our content, we occasionally include affiliate links. Should you click on these links, we may earn a commission, though this incurs no additional cost to you. Your use of this website signifies your acceptance of our terms and conditions as well as our privacy policy.

The Tech Report Why Trust Tech Report Arrow down

Tech Report is one of the oldest hardware, news, and tech review sites on the internet. We write helpful technology guides, unbiased product reviews, and report on the latest tech and crypto news. We maintain editorial independence and consider content quality and factual accuracy to be non-negotiable.

Close icon

  • Researchers from the Cleafy TIR team have discovered a new malware called BingoMod that steals your money and then wipes all your device data to avoid detection.
  • The malware works through SMS phishing where it pretends to be a legitimate security tool. Once the customer installs it, the malware takes over the device and sends remote commands.
  • The malware is still active and according to the researchers, the author is still adding new obfuscation techniques to it in order to avoid detection.

BingoMod Android Malware Wipes Your Data after Stealing Money

A new Android malware called BingoMod has been discovered that can wipe all the data on your device after successfully stealing money from your account. It can steal up to 15,000 EUR per transaction.

The discovery was made by the Cleafy TIR team towards the end of May 2024. According to them, the malware is still active and its authors are working on adding more obfuscation techniques to avoid detection.

The researchers believe that such a focus on obfuscation techniques might suggest that the threat actor is new to this. They lack the experience and sophistication of a seasoned malware author.

How Does It Work?

After analyzing multiple samples, the researchers came to the conclusion that the malware is being distributed through SMS phishing where it pretends to be a mobile security tool.

Step #1 – Installation

BingMod is its technical name but to the victims, it presents itself as WebsIndfo, InfoWeb, WebSecurity, App Protection, Antivirus Cleanup, and so on. The goal is to come across as a legitimate tool.

Step #2 – Permissions

Now, once the victim has been fooled into installing the software, it asks to use “Accessibility Services”. If you allow it, it will give them extensive control over the device and allow it to send remote commands.

Currently, the malware supports over 40 remote commands such as remote screen monitoring, keylogging, and remote screenshotting.

Step #3 – Stealing Money

Once the malware is installed, it uses Account Takeover (ATO) and Device Fraud (ODF) for the following functions:

  • Intercept messages
  • Steal login credentials, and
  • Bypass bank users’ identity verification and authentication processes

The worst part about BingoMod is that it can also avoid the behavioral detection techniques that are usually used by banks to identify suspicious transactions. So, even banks’ advanced fraud detection controls are of no use.

Step #4 – Data Erase

Once the job is done, it erases all data from your device so that security experts cannot detect it. After all, if the device is completely empty, there will be nothing left for the forensic team to work with.

The worst part is there isn’t much you can do at the moment to stop it because it’s capable of blocking certain apps once it’s installed. So even if you have a security app, it might not be of much help.

‘BingoMod shows relatively straightforward functionalities commonly found in most contemporary RAT, such as HiddenVNC for remote control and SMS suppression to intercept and manipulate communication and logging user interactions to steal sensitive data.’ – Cleafy TIR Report

Also, not much is known about the author except the fact that they use English, Romanian, and Italian languages to target their victims. The authors might be Romanian themselves. But other than that, no other identification has been found so far.

The Tech Report - Editorial ProcessOur Editorial Process

The Tech Report editorial policy is centered on providing helpful, accurate content that offers real value to our readers. We only work with experienced writers who have specific knowledge in the topics they cover, including latest developments in technology, online privacy, cryptocurrencies, software, and more. Our editorial policy ensures that each topic is researched and curated by our in-house editors. We maintain rigorous journalistic standards, and every article is 100% written by real authors.
Add Tech Report to your Google News feed

Question & Answers (0)

Have a question? Our panel of experts will answer your queries. Post your Question

Leave a Reply

Write a Review

Your email address will not be published. Required fields are marked *

Krishi Chowdhary Journalist

Krishi Chowdhary Journalist

Krishi is an eager Tech Journalist and content writer for both B2B and B2C, with a focus on making the process of purchasing software easier for businesses and enhancing their online presence and SEO.

Krishi has a special skill set in writing about technology news, creating educational content on customer relationship management (CRM) software, and recommending project management tools that can help small businesses increase their revenue.

Alongside his writing and blogging work, Krishi's other hobbies include studying the financial markets and cricket.

Most Popular News

1 BingoMod Android Malware Wipes All Your Device Data After Stealing Your Money
2 Bitcoin Whales Accumulate $5.4B Worth Of BTC Tokens In July
3 South Korea’s New Crypto Law Mandates Supervisory Fees for Crypto Exchanges
4 Bitcoin (BTC) to the Moon? VanEck Analyst Says $2.9 Million is Possible
5 Ripple Price Prediction: XRP Consolidate Around $0.59 – Will the Bulls Sustain this Level?

Latest News

Bitcoin Whales Accumulate $5.4B Worth Of BTC Tokens In July
Crypto News

Bitcoin Whales Accumulate $5.4B Worth Of BTC Tokens In July

Rida Fatima
South Korea's New Crypto Law Mandates Supervisory Fees for Crypto Exchanges
Crypto News

South Korea’s New Crypto Law Mandates Supervisory Fees for Crypto Exchanges

Rida Fatima

South Korea’s new Virtual Asset User Protection Act has subjected crypto exchanges to a new financial obligation. Following its implementation, the new law requires crypto exchanges, including Coinonr, Bithumb, and...

Bitcoin (BTC) to the Moon? VanEck Says $2.9 Million is Possible
Crypto News

Bitcoin (BTC) to the Moon? VanEck Analyst Says $2.9 Million is Possible

Rida Fatima

VanEck experts have made a bold prediction about the future of Bitcoin. They believe BTC could hit $2.9 million per coin by 2050. The analysts suggest Bitcoin could be used...

Ripple Price Prediction: XRP Consolidate Around $0.59 – Can Bull Sustain this Level?
Crypto News

Ripple Price Prediction: XRP Consolidate Around $0.59 – Will the Bulls Sustain this Level?

Rida Fatima
US Spot BTC ETFs Record $299,000 in Total Inflows as ETH ETFs Incur $77 Million in Outflows
Crypto News

US Spot BTC ETFs Record $299,000 in Total Inflows as ETH ETFs Incur $77 Million in Outflows

Rida Fatima
Cryptocurrency Hacks Totalling $266 Million in July, with WarizX at The Forefront
Crypto News

Cryptocurrency Hacks Totalling $266 Million in July, with WarizX at The Forefront

Rida Fatima
Riot Posts $84M in Quarterly Losses as Operations Expand
Crypto News

Riot Posts $84M in Quarterly Losses as Operations Expand

Aaron Walker

REGULATION & HIGH RISK INVESTMENT WARNING: Trading Forex, CFDs and Cryptocurrencies is highly speculative, carries a level of risk and may not be suitable for all investors. You may lose some or all of your invested capital, therefore you should not speculate with capital that you cannot afford to lose. The content on this site should not be considered investment advice. Investing is speculative. When investing your capital is at risk. Please note that we do receive advertising fees for directing users to open an account with the brokers/advertisers and/or for driving traffic to the advertiser website.

Crypto promotions on this site do not comply with the UK Financial Promotions Regime and is not intended for UK consumers.

© Copyright 2024 The Tech Report Inc. All Rights Reserved.