
Banking trojan for Android
The new banking trojan for Android spread via SMS-phishing.
The company’s specialists McAfee Labs discovered a new Trojan for the bank’s mobile operating system Android, identified by McAfee experts as Android / FakeBankDropper.A and Android / FakeBank.A.
A malicious program that operates mainly in South Korea, the program replaces the legitimate mobile banking provides its customers with local banks.
According to experts, the malware spreads via SMS-phishing. Typically, the mobile device of the victim comes fake an SMS-message, the sender is supposedly the Financial Services Commission. The message contains a request to install a new application on a device to protect against malware.
This SMS-message also contains a link, clicking on which the victim can download and install the application. Getting on the victim’s device, a malicious application tries to delete a legitimate application of mobile banking. In case of failure, it displays the device, the notification asking them to remove legitimate application manually. After that, the malware displays the newly infected device message asking you to set a different application.
Visually, this application is not much different from legitimate, but behaving very suspiciously, trying to find out from the victim’s confidential information. In particular, the Trojan infected device asks users to enter bank details, account number, password, ID in the online banking system, social security number.
All information received malware sends to a remote server controlled by hackers.
Link:
http://blogs.mcafee.com/mcafee-labs/phishing-attack-replaces-android-banking-apps-with-malware