The new banking trojan for Android

Posted: June 7, 2013 in IT Security News
Tags: , , , , ,

Banking trojan for Android

Banking trojan for Android

The new banking trojan for Android spread via SMS-phishing.

The company’s specialists McAfee Labs discovered a new Trojan for the bank’s mobile operating system Android, identified by McAfee experts as Android / FakeBankDropper.A and Android / FakeBank.A.

A malicious program that operates mainly in South Korea, the program replaces the legitimate mobile banking provides its customers with local banks.

According to experts, the malware spreads via SMS-phishing. Typically, the mobile device of the victim comes fake an SMS-message, the sender is supposedly the Financial Services Commission. The message contains a request to install a new application on a device to protect against malware.

Finantial CredentialsThis SMS-message also contains a link, clicking on which the victim can download and install the application. Getting on the victim’s device, a malicious application tries to delete a legitimate application of mobile banking. In case of failure, it displays the device, the notification asking them to remove legitimate application manually. After that, the malware displays the newly infected device message asking you to set a different application.

Visually, this application is not much different from legitimate, but behaving very suspiciously, trying to find out from the victim’s confidential information. In particular, the Trojan infected device asks users to enter bank details, account number, password, ID in the online banking system, social security number.

All information received malware sends to a remote server controlled by hackers.

Link:

http://blogs.mcafee.com/mcafee-labs/phishing-attack-replaces-android-banking-apps-with-malware

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s