With the advent of Android smartphones, we are no longer away from accessing the World Wide Web. Within a few clicks, we can access all the information needed and can quench our never-ending thirst for information. However, just like we are trying to access the information distributed around the internet, people on the other side are also trying to do the same. Malicious software like Trojans and Malware try to steal our personal information. Although cybersecurity experts try their best, every day a new malicious application comes and infects our system.
An android malware has recently been detected by the Quick Heal Labs which if creeps in our device or system upload the data to malicious servers. Identified by the extension Android.banker.A2f8a, the malware steals the personal information of the user and also targets the banking apps to steal login credentials. The malware has also been detected earlier as Android.banker.A9480 and does the same with the infected system. Banking applications like iMobile by ICICI, SBI, etc. are its target and other applications including e-commerce apps like Amazon, are also on its radar.
The malware infects the system via a fake flash player update or flash player app available in third-party stores. Because of being popular among users, fake Adobe flash players are the obvious choice as host by hackers. Once installed, the malicious app keeps throwing pop-ups and as soon as the user clicks on the app icon, the icon becomes hidden. It keeps running in the background and keeps scanning the installed apps present on the device. The malware searches from its list of 232 applications and if a match is found, it throws a pop-up screen on the behalf of the application and requires login credentials for authentication. Once done, the login credentials are instantly forwarded to the malicious servers and the information like One Time Password (OTP) is exchanged via dynamic messaging between the device and the server.
Banking applications, cryptocurrency applications, and apps that require or involve valuable credentials of a user are its main target. To stay safe, many have suggested staying away from fake applications or third-party app stores. Adobe flash player has been discontinued since Android 4.1 and many web browsers have them already preinstalled. The Google Play Store has no Adobe flash player apps and one should avoid installing any flash players. One can also update their phone to the latest security patch offered by their respective mobile manufacturers and can also rely on popular and Google Play Certified malicious software remover to stay away from these trojans and malware.
Source - Quick Heal Blogs