Android Trojan Targets 200+ Global Financial Apps


Do not download apps from third-party stores and stick to Google Play only. In that banking apps, there are few banks belongs to India. Banking malware has evolved over the time, and the latest malware is hitting the apps directly and is found to have attacked more than 232 separate mobile banking apps around the world.

The list also includes mobile passbook apps such as IDBI Bank mPassbook and Baroda mPassbook.

Not only banking apps, this malware is also targeting cryptocurrency apps present on the user's phone where it is reportedly stealing similar sensitive data.

The Trojan malware, which has been named 'Android.banker.A9480' is being used to steal personal data from users. The app icon even resembles that of Flash Player as seen below.

More news: Raiders concerned about how Derek Carr will get along with Jon Gruden
More news: Apple: Mac and iPhone both affected by big chip vulnerability
More news: Hot air balloon crash kills tourist in Luxor, Egypt

Malware discovered by Symantec researchers sneakily spoofs Uber's Android app and harvests users' passwords, allowing attackers to take over the affected users' accounts.

The report notes that oce a user downloads the malicious app, they will be asked to activate administrative rights. In the background, the app carries out malicious tasks-it keeps checking the installed app on the victim's device and particularly looks for 232 apps (banking and some cryptocurrency apps). If it accesses any of these apps from a user's smartphone, it generates a fake notification sent on behalf of the banking app. Once the user falls for it and enters his or her login credentials, the malware will make the details prone to the attackers. The wealth of personal data on a mobile device makes it a tempting target for internet ne'er-do-wells, and they're getting quite clever when it comes to fooling users into compromising their security. The fake user interface "pops up on the user's device screen in regular intervals until the user gets tricked into entering their Uber ID (typically the registered phone number) and password".

"Users are advised to avoid downloading apps from third-party app stores or links provided in SMS and e-mails to keep their credentials safe", Quick Heal Technologies Joint Managing Director and Chief Technology Officer Sanjay Katkar said.

A representative from Uber warns users to only download trusted apps from the Google Play store, since this "phishing" app requires the user to download and install it in the first place in order for it to be able to work. They are similar as if it is the real banking app.