Your phone might be hijacked by the ‘Octo’ Android virus


Another type of malware is making the rounds on Android devices. With a terrible component named Octo, crooks may remotely manage your phone and commit fraud on the device this time.

image source: tech advisor

This Android virus has grown from the ExoCompact(opens in new tab), which in turn was derived from the Exo trojan (opens in new window). Researchers at ThreatFabric(opens in new tab) stumbled into Octo after seeing people trying to buy it on the dark web.

It’s Octo’s remote access capabilities, which are offered through a live streaming module, that’s the biggest issue. With Android’s MediaProjection and Accessibility Service, you may perform remote activities.


Using a black screen overlay, lowering the brightness, and activating a “no interruption” mode, the virus conceals its malicious operations. The phone seems to be turned off to the owner, allowing crooks to take use of your phone and the information it contains.

Along with a keylogger, Octo comes with the frightening skills of blocking push notifications and intercepting SMS messages as well as silencing sound and locking the home screen, as well as the ability to run apps and initiate remote connections.

An alleged threat actor known as “Architect” or “goodluck” sells Octo on online forums, according to ThreatFabric. As a result of these similarities, as well as the fact that it has been successful in removing Google Protect on Google Play, experts think Octo may be an older version of ExoCompact repackaged as something newer.


Octo may enter an Android smartphone via a variety of methods. There are a variety of methods used to spread malware, the most common of which is via a malicious software on Google Play that pretends to be something it isn’t. Octo has been found in the following apps:

  •  Pocket Screencaster (com.moh.screen) 
  •  Fast Cleaner 2021 ( 
  •  Play Store (com.restthe71) 
  •  Postbank Security (com.carbuildz) 
  •  Pocket Screencaster (com.cutthousandjs) 
  •  BAWAG PSK Security (com.frontwonder2) 
  •  Play Store app install (com.theseeye5) 

What should I do next?

In order to avoid Octo and other Android malware, you must be diligent about what you download. Because once Octo is on your phone, the thief who placed it there has access to anything that comes on your screen.

So, even if the app comes from Google Play, always install applications from reliable sources and limit the amount of apps on your phone to a minimal. As long as malware manages to evade Google’s Play Protect, you are only as safe as you are willing to let yourself be.


In order to keep your phone secure, you need make sure that Play Protect is on at all times. Toggle on Scan applications with Play Protect and Improve dangerous app detection by tapping your profile icon next to the search bar, then choose Play Protect from the Gear symbol in the upper right corner of the screen.

Installing one of the top Android antivirus applications is a last recommendation that we would provide.


Leave a Comment