EventBot is a mobile banking trojan and infostealer designed to abuse the Android operating system’s accessibility features to steal sensitive financial data. EventBot targets users of over 200 different financial applications, including banking, money transfer services, and crypto-currency wallets. The malware is not being distributed via the Google Play Store, with its creators most likely using shady APK hosting websites and rogue APK marketplace for distribution to potential victims’ devices. It’s just a matter of time until it catches up to other highly dangerous Android trojans.
Source: https://www.bleepingcomputer.com/news/security/new-android-malware-steals-financial-information-bypasses-2fa/