Written in MONEY the
“Revive” is malware created to attack users who use the BBVA application. This type of scam is designed so that users unknowingly share their banking information and through this, criminals can make transactions as if the user were authorizing them.
This virus uses different social engineering techniques to appear as a legitimate application in order to trick victims. The computer virus is delivered via a ‘phishing’ page and hides behind a new 2FA (two-factor authentication) application of the target bank, according to analysts at security firm Cleafy.
Although “Revive” has been operating for a short time, and many details about its operation are still unknown, it would be capable, among other things, of “intercepting all the SMS received on the infected device”.
“This would allow it to put the security keys that BBVA shares with its customers in the hands of cybercriminals. Thanks to this, since the Trojan gains access to all the information that the user writes on their device, criminals could gain access to their bank accounts,” note analysts at Cleafy.
How does malware work?
Malware is a general term to refer to any type of malicious software designed to infiltrate a device without the user’s knowledge.
To infiltrate the user’s cell phone, a text message is sent inviting them to download an authenticator application to verify the user’s identity. It is a Phishing SMS since it passes itself off as a native BBVA application. The procedure is very well designed and realistic, to such an extent that the user would not doubt this application.
The objective of “Revive” is to collect the user’s personal data from their bank account and access their SMS to carry out banking operations with them without the person noticing.
It was called “Revive” because the malware restarts if it stops working. It is known that this malware currently works only for BBVA users, however, it is not ruled out that it could be transformed to attack other users of other banks.