An Android malware is reportedly targeting over 232 banking apps including a few banks in India. As per leading IT Security Labs, Quick Heal, the Trojan malware, named ‘Android.banker.A9480’, is designed to steal personal data from users. Similar to other banking malware, this one also sneaks into login data, SMS, contact lists and uploads them to a malicious server.
How It Effects:
The Android Malware, Android.banker.A9480 gets circulated via a fake Flash Player app on third-party stores. The Flash Player app is a popular target for cybercriminals due to its prevalence. Once users download the malicious application, they get several prompts to activate administrative rights. The app sends numerous pop-ups to victims until the administrative privileges are activated, the report added. Once the app is installed on a smartphone, the icon gets hidden when the user taps on it. The malicious app keeps working in the background while checking for one of the 232 banking apps. Further, if the app finds one of the targeted apps, it sends a fake notification that resembles the banking app. When users open the notification, they get a fake login window that is then used by the attackers to extract confidential data like login ID and password. The malware can process commands like sending and collecting SMS, Upload contact list and location display, fake notification, accessibility and GPS permission. Since the malware can intercept incoming and outgoing SMS from an infected smartphone, it is also able to bypass OTP based Two-Factor Authentication on the users Bank Accounts.
Hence, all are advised to avoid downloading Apps (apparently malicious apps) from un-approved app-stores. Mobile App Stores such as Google Play and the Apple App Store are tightly curated to minimize the likelihood of malware in posted apps.
Source: Vijaya Bank Email Alert.