Octo2 Banking Trojan Hijacks Android Phones to Steal Cash - How to Stay Safe


After a two-year hiatus, the Octo malware is back with improved features that make it easier for hackers to completely take over even the best Android phones.

As reported by The Hacker News, security researchers at ThreatFabric have discovered a new version of this Android banking trojan, called Octo2. So far it has been used primarily in campaigns across Europe, but the malware could easily be reconfigured to target Android users in the US, Canada, and other countries around the world.

What makes Octo2 so dangerous is that it is currently distributed in malicious versions of popular apps, including Google Chrome and NordVPN. Once your phone is infected, hackers can not only completely hijack it but also conduct fraudulent transactions from the device itself. Because the transactions originate from the victim's own phone, the hackers behind this campaign are better able to evade detection by banks and other financial institutions.

Here is everything you need to know about Octo2, including how it is hidden inside legitimate apps, as well as tips on how to keep yourself safe from Android malware.

The original Octo malware was first discovered in 2022. However, according to a ThreatFabric blog post, it is actually based on the Exobot malware, which was first detected in 2016.

We are now seeing Octo2 because the source code of the original version was leaked earlier this year, and hackers with access to Octo's source code have begun creating their own variants of the malware to use in attacks.

At the same time, Octo has moved to a malware-as-a-service (MaaS) model, which lets other cybercriminals use the malware in their own attacks for a fee paid to the developer. The developer of Octo is promoting the new version to existing clients, who can obtain Octo2 for the same price through early access.

To make their attacks harder to detect, hackers deploying Octo2 use it together with an APK binding service called Zombinder. Zombinder lets them take a legitimate Android app, bind malware to it, and redistribute the result to end users so that it looks almost identical to the original app.

These rogue apps then download Octo2 by leading users to believe that they need to install a "required plug-in". If an unsuspecting user falls for this, the hacker gains full remote control of the phone and can carry out any further attack from it.

The first and most important thing you can do to protect yourself from Android malware is to avoid installing apps from unknown sources. This means installing apps only from trusted app stores such as the Google Play Store, Samsung Galaxy Store, or Amazon Appstore.

Sideloading apps may be convenient, but by doing so you risk installing malicious apps and infecting your phone with malware. The exception, of course, is if your job requires you to install apps that are not hosted in an official store. Such cases are rare, and most employers will not ask you to do this.

From here, make sure Google Play Protect is enabled on your Android phone. This free service comes preinstalled on most Android devices and can scan all existing and newly installed apps for malware. For further protection, you should also consider using one of the best Android antivirus apps alongside it.
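As an added example, not part of the article or of ThreatFabric's research, here is a small POSIX shell script that applies the "no apps from unknown sources" advice after the fact: it lists the third-party packages on a phone whose installer was not a trusted store, which is exactly the population a bound-in trojan would have to hide in. It parses the output of `adb shell pm list packages -3 -i`; the sample output below is constructed for offline use, and the set of trusted installer package names is an assumption you should adjust for your environment.

```shell
#!/bin/sh
# Added example (not from the article): flag third-party Android apps that
# were not installed by a trusted app store.
#
# On a real device with USB debugging enabled, run:
#   adb shell pm list packages -3 -i | sh this_script.sh
# Each output line names a package and the installer that put it there.

# Installer package names we treat as trusted stores. Assumption: these ids
# match the Play Store, Samsung Galaxy Store and Amazon Appstore; adjust
# to taste (an MDM agent, for example, may also be a legitimate installer).
TRUSTED_INSTALLERS="com.android.vending com.sec.android.app.samsungapps com.amazon.venezia"

# Constructed sample in the format `pm list packages -i` prints:
#   package:<name>  installer=<installer package or null>
# The package names here are made up for the example.
SAMPLE_OUTPUT='package:com.example.bank  installer=com.android.vending
package:com.example.vpnclone  installer=null
some unrelated line
package:com.example.plugin  installer=com.example.loader'

# Reads `pm list packages -i` lines on stdin and prints "<package> <installer>"
# for every package whose installer is not in TRUSTED_INSTALLERS.
flag_sideloaded() {
    while IFS= read -r line; do
        case "$line" in
            package:*) ;;        # only package lines are of interest
            *) continue ;;
        esac
        # Split on whitespace: $1 is "package:<name>", $2 is "installer=<id>".
        # shellcheck disable=SC2086
        set -- $line
        pkg=${1#package:}
        installer=unknown       # older builds may omit the installer field
        case "${2:-}" in
            installer=*) installer=${2#installer=} ;;
        esac
        trusted=0
        for t in $TRUSTED_INSTALLERS; do
            if [ "$installer" = "$t" ]; then
                trusted=1
            fi
        done
        if [ "$trusted" -eq 0 ]; then
            printf '%s %s\n' "$pkg" "$installer"
        fi
    done
    return 0
}

# Demonstration on the constructed sample (stdin is ignored here).
printf '%s\n' "$SAMPLE_OUTPUT" | flag_sideloaded
```

An `installer=null` entry means Android recorded no installer at all, which is what a manually sideloaded APK looks like; a package installed by another app (as with a "required plug-in" dropped by a trojanised app) shows that app's package name as the installer, so both kinds of entry are worth a second look.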

Now that Octo's source code has been released, more malware variants are likely to follow. However, as long as you are careful online, avoid sideloading apps, keep Google Play Protect enabled, and keep your phone updated, you should be fine.
