SpyNote strikes again: Is Android spyware targeting you and your bank?

SpyNote strikes again: Is Android spyware targeting you and your bank?

Find out how to protect your valuable banking information

by Jenna Roach

A new version of Android malware known as SpyNote is now attacking financial institutions around the globe, and it’s pretty no-joke alarming. The malware combines spyware and banking trojan characteristics and has targeted well-known banks, including HSBC.

Hackers are also increasingly using the SpyNote malware to secretly observe and modify infected Android smartphones. As a result, cybersecurity experts are warning Android owners and urging them to be on alert, especially during the installation of new apps.


What does SpyNote do?

SpyNote, also known to some as SpyMax, is a highly dangerous spyware family designed to monitor, manage, and modify a device (in this case, Androids). It can do many harmful activities, including gathering SMS messages, videos, calls, and audio recordings, tracking GPS locations, stealing passwords and credit card numbers, and much more. The latest variant of the spyware is called SpyNote.C, and it’s the first to openly target banking institutions and apps. It specifically targets banking applications and impersonates applications from several large reputable financial institutions.

How does SpyNote trick Android owners?

SpyNote closely follows the methods of other banking malware by requesting permissions to accessibility services so that it can extract 2-factor authentication codes and transfer banking information.

Another method it uses to trick people is by disguising itself as well-known applications like Facebook, WhatsApp, and Google Play, as well as other generic apps like wallpaper, productivity, and gaming apps. Distributing malware by disguising it as recognizable apps is a common way for hackers to ploy victims.


Has SpyNote attacked many Android owners?

At least 87 different customers between August 2021 and October 2022 have mistakenly purchased SpyNote since it was advertised by its developer under the fake name CypherRat through a Telegram channel. However, in October 2022, CypherRat’s source code was made public on the IT service management company GitHub. Once the code was released, the SpyNote attacks increased significantly and started focusing more on online banking apps.

How do I protect myself from SpyNote?

Experts warn Android owners not to download any suspicious-looking apps or apps from unknown sources. You should always check an app’s reviews and star ratings before downloading and refrain from downloading if only a few people have used it. Also, only grant permissions that are relevant to the app’s purpose.

However, the best way to protect your device from malware is by installing antivirus software. We always recommend the winner of our best Antivirus protection review by using TotalAV, as it protects from all harmful content, including malware, spyware, and adware.  Their product is full of features to keep you safe from malware and protect you when browsing the internet including ransomware protection, real-time antivirus protection, elimination of viruses and malware, a tool to free up your computer’s space, plus more.   Limited-time deal for CyberGuy readers: $19 your first year (80% off)  

You can check out our review of other anti-virus apps, here: Best Antivirus Security Software and Apps to Protect You.

Let me know if you are someone you know has been affected by the SpyNote malware and what happened.




Leave a Comment

Subscribe to receive my latest Tech news, security alerts, tips and deals newsletter. (We won't spam or share your email with anyone else.)

By signing up, you agree to our Terms of Service and Privacy Policy. You may unsubscribe at any time.

Tips to avoid our newsletters going to your junk folder