"SOVA, Worryingly Sophisticated Android Trojan, Takes Flight"

Researchers at ThreatFabric have discovered that a new Android banking trojan named SOVA (“owl” in Russian) is under active development, and it has big dreams even in its infancy stage. The malware is looking to incorporate distributed denial of service (DDoS), man in the middle (MiTM), and ransomware functionality into its arsenal, on top of existing banking overlay, notification manipulation, and keylogging services.  The researchers stated that this malware is still in its infancy, first appearing in August, and is now only on version 2.  The malware is currently undergoing a testing phase.  SOVA is fully developed in Kotlin, a coding language supported by Android and thought by many to be the future of Android development.  The makers of SOVA stated that SOVA could potentially be the most complete and advanced Android bot to be fully developed in Kotlin to this day.  SOVA relies on the legitimate open-source project known as RetroFit for its communication with the command-and-control (C2) server.

Threatpost reports: "SOVA, Worryingly Sophisticated Android Trojan, Takes Flight"