What is ERMAC 2.0?
ERMAC 2.0 is a new threat that is currently active only in Poland. However, there is no doubt that its operators will soon seek to infect users in other regions as well. Presumably, this dangerous malware has some similarities with the Cerberus malware. It supports a total of 378 banking and wallet applications. ERMAC 2.0, like other banking malware, is designed to steal contact information, text messages, launch arbitrary applications and activate overlay attacks on many financial applications in order to steal authorization data. In addition, new features have been added to it, allowing you to clear the cache of a separate application and intercept accounts stored on the device.
How ERMAC 2.0 gets on victims’ devices
So far, victims have been infected with malware using a fake Google Chrome app. Of course, the malicious APK file was not found in the official App Market store. It was distributed through banner ads, third-party app stores, and other unreliable Android software sources. Although at first only fake Google Chrome applications were used in the campaign, now the virus uses fake copies of various applications such as media players, baking applications, delivery services, etc.
Recommended Anti-malware tool:
Reset to Factory Settings
It will not be so easy to remove the application from the device. Definitely, it is necessary to reset the device to factory settings. Keep in mind that this will lead to the loss of personal data. Before performing the procedure, perform a backup.
- Start up your device in Recovery Mode using previous instruction
- Select the “Factory Reset” option, a notification will appear that it is impossible to reverse the changes;
- After completing the process, restart the phone by clicking on “Reboot“.