SOVA Virus is a new mobile banking ‘Trojan’ malware that can secretly encrypt an Android phone for ransom and is difficult to erase.    Also, the report says, the malware has been updated to its fifth iteration since it was discovered on the Indian internet in July. Check out the details.

What is SOVA Virus?

The Sova virus is a new strain of mobile banking malware. It employs the malware SOVA Android Trojan. Sova formerly targeted nations such as the United States, Russia, Spain, and subsequently India.

About SOVA Virus?

This malware is one of the most harmful for Indian mobile net banking customers. It is difficult to remove and is the fifth version of the first virus found in Indian online. It is capable of encrypting all data.  The country’s federal cyber security agency revealed this.

SOVA Virus Wroking

This particular virus hides bogus Android apps with similar-looking logos to popular search engines like Chrome, Amazon, and NFT platforms to trick users into installing it. The clever behavior of this virus is its distinguishing trait. When a user attempts to remove spyware using its settings choices on their device. The Sova virus then pauses the user’s operations and returns to the home screen. The notification displaying ‘This app is secured’ adds a twist to this activity.

Features of the SOVA Virus

– The malware captures keystrokes and cookies from infected machines. – They grab the tokens for multi-factor authentication (MFA). – Malware captures screenshots and videos from the camera without the user’s knowledge. – It uses the Android accessibility service to execute motions such as click and swipe. – Furthermore, bogus overlays may be found in a variety of apps.

Target of the SOVA Virus

More than 200 mobile apps, including banking apps, exchanges, and wallets for cryptocurrencies are all targeted by this malware.

Prevention Method of the SOVA Virus

– Limit your download sources to official app shops, device makers, or operating system app stores. – Always read the app description before installing it from the Google Play Store app. Never tick the ‘Untrusted sources’ checkbox for side-loaded applications. – Perform updates and fixes as needed on Android device providers. – Avoid using untrusted websites or links, and be cautious. – Be wary of unfamiliar email-to-text providers that mask their actual phone numbers.

Prevention Method of the SOVA Virus

– Update and install any antivirus or spyware software on your device. – Any unexpected behavior must be reported to the customer’s respective banks right away.


So far, it sounds riskier, and the cyber security agency recommended being careful while downloading any app from Play Store or using mobile banking.  Even it’s transforming from time to time to keep itself upgraded and powerful.

Thanks For Reading This Story