Avoid third-party apps, Android Malware infects devices for stealing banking credentials

With the advent of Android smartphones, we are no longer away from accessing the World Wide Web. Within a few clicks, we can access all the information needed and can quench our never-ending thirst for information. However, just like we are trying to access the information distributed around the internet, people on the other side are also trying to do the same. Malicious software like Trojans and Malware try to steal our personal information. Although cybersecurity experts try their best, every day a new malicious application comes and infects our system.

Android_banking_Trojan-1

An android malware has recently been detected by the Quick Heal Labs which if creeps in our device or system upload the data to malicious servers. Identified by the extension Android.banker.A2f8a, the malware steals the personal information of the user and also targets the banking apps to steal login credentials. The malware has also been detected earlier as Android.banker.A9480 and does the same with the infected system. Banking applications like iMobile by ICICI, SBI, etc. are its target and other applications including e-commerce apps like Amazon, are also on its radar.

The malware infects the system via a fake flash player update or flash player app available in third-party stores. Because of being popular among users, fake Adobe flash players are the obvious choice as host by hackers. Once installed, the malicious app keeps throwing pop-ups and as soon as the user clicks on the app icon, the icon becomes hidden. It keeps running in the background and keeps scanning the installed apps present on the device. The malware searches from its list of 232 applications and if a match is found, it throws a pop-up screen on the behalf of the application and requires login credentials for authentication. Once done, the login credentials are instantly forwarded to the malicious servers and the information like One Time Password (OTP) is exchanged via dynamic messaging between the device and the server.

Banking applications, cryptocurrency applications, and apps that require or involve valuable credentials of a user are its main target. To stay safe, many have suggested staying away from fake applications or third-party app stores. Adobe flash player has been discontinued since Android 4.1 and many web browsers have them already preinstalled. The Google Play Store has no Adobe flash player apps and one should avoid installing any flash players. One can also update their phone to the latest security patch offered by their respective mobile manufacturers and can also rely on popular and Google Play Certified malicious software remover to stay away from these trojans and malware.

Source - Android banking Trojan targets more than 232 apps including apps offered by Indian banks

Replies

  • samkosenko
    samkosenko
    thanks for news! need be careful.
  • Sarathkumar Chandrasekaran
    Sarathkumar Chandrasekaran
    Privacy, personal credentials, account details are at stake in this digital arena. Everyone promising that their product has the best security and every time hackers prove that Time only matters to break anything. Thanks for the Info

You are reading an archived discussion.

Related Posts

We all love watching TV shows and movies but sometime that needs a little help deciphering the dialogue. For example if you are watching something with a deep southern Texan...
I had recently been to my nephew's school, and while interacting with his teacher, I came across an interesting insight, she said that my nephew might be an 'extraordinary' kid...
The top scorers of the GK Quiz conducted on Quizzr are as follows. Congratulations to everyone who appeared in the top 10:
Agriculture engineering is one of the less common branches of Engineering India with only a handful of colleges. Being from a top Agricultural University in Rajasthan, I can understand the...
NATURE EMBEDDED - A design Technology Experience: NGMA Exhibition – Cartoon Competition, Mumbai, India