'Invisible Man' malware targets Android devices

'Invisible Man' malware that records keystrokes, steals banking data targets Android devices. The malicious software likely originated in Russia

A dangerous form of malware that records keystrokes and steals banking data is targeting Android users. Invisible Man, a relative of malicious software Svpeng, deceives smartphone owners by disguising itself as a fake Flash Player update.

Once it's downloaded, Invisible Man checks a device's language settings. If it's set to Russian, the payload will abort. If not, the malware requests permission to use the device's accessibility services feature, which helps disabled users navigate the smartphone.

The US Government Banned Kaspersky Antivirus

Once access is granted, Invisible Man draws images on the smartphone's screen, where it produces invisible overlays that record keystrokes. As users type their passwords, credit card account numbers and other personal data into apps, the information is passed onto criminal third parties.

How can users avoid Invisible Man?

1.  Be wary of fraudulent Flash Player downloads or updates, which often hide deceptive forms of malware. Only trust updates that come directly from Adobe.


2. Remain suspicious of apps that require use of accessibility services.


3. Don't open files you don't recognize.


4. Don't install apps from unverified third-party sources.


5. Install updates as soon as they become available.


6. Use anti-virus software on all Android-based devices.

Share This:

Facebook Twitter Pinterest Linkedin Whatsapp Whatsapp

About Emmanuel

This is a short description in the author block about the author. You edit it by entering text in the "Biographical Info" field in the user admin panel.