Billions of Android users across the globe have been warned of a scary new attack which happens when you least expect it.
Hackers have found a way to scam people when they think their phone is switched off.
In actual fact, the cyber crooks have added a fake black screen to hide what they’re up to underneath.
They even remotely set the brightness to zero and disable notifications, so victims don’t get suspicious.
This means they can go and do what they like on your phone without you knowing anything is going on.
The malware lets them tap, write, copy and modify what they see as if they were holding the phone in their hands.
Even more worrying, it is also capable of monitoring your own actions, which comes in particularly useful for getting hold of sensitive PINs and passwords.
It’s a form of on-device fraud and banking malware called Octo.
And according to experts, it has already appeared in the wild.
ThreatFabric found it available on the dark web, where some of the worst net criminals lurk.
Most of these criminals use fake web browser or Google Play Store app update notices on the internet to get people to download the malware.
And an app called Fast Cleaner, which had 50,000 installs, was also found to contain Octo.
It was removed from the Play Store in February.
Octo is actually a variant of a nasty trojan called ExobotCompact that was around in 2018.
“ExobotCompact/Octo has dangerous capabilities, powered by inventive distribution schemes including droppers on official Google Play store and malicious landing pages,” ThreatFabric said.
“Thus, customers are very likely to fall into installing the malware on their devices, allowing the actors to have remote access to their devices and therefore to their banking accounts.”
This story originally appeared on The Sun and was reproduced here with permission.