IAS Gyan



2nd July, 2024 Cyber Security



  • Snowblind is a new Android malware that uses a built-in Android security feature to bypass anti-tamper mechanisms and steal banking credentials.

What is Snowblind Android malware?

Snowblind is malware that targets Android devices to steal banking information. Discovered by cybersecurity firm Promon, it can capture banking login details and perform unauthorized transactions.

Key Details:


  • Android Malware

Primary Function

  • Steals banking credentials by bypassing anti-tamper mechanisms

Exploited Feature

  • Seccomp (Secure Computing)

Method of Operation

  • Repackages apps to disable detection of accessibility features used to extract sensitive information

Infection Vector

  • Installed from untrusted sources

Key Exploit

  • Injects code that loads before seccomp initializes, bypassing anti-tampering measures and utilizing accessibility services for remote screen viewing

Impact on Security

  • Can disable biometric and two-factor authentication used by banking apps

Discovered By

  • Promon, a security firm investigating Android malware


  • Apps handling sensitive information, particularly banking apps

Preventive Measures

  • Avoid installing apps from untrusted sources, ensure apps come from reputable developers, and keep security features updated




Explain the technical characteristics of Snowblind malware and its potential impact on national security.