You are here: Home » Technology » News » Apps
Business Standard

Mobile users beware: Android banking trojan targets Indian bank apps

Malware successfully detected, no immediate mention any known occurrences of misuse so far

Romita Majumdar 

Around 40% of target of the malware has been detected in India

An Android Banking Trojan/that targets around 200 apps, including those offered by Indian banks, has been detected, prompting security researchers and banks to alert consumers.

The is designed for stealing login credentials, hijacking SMS messages, uploading contact lists and SMS messages to malicious servers by displaying a fake overlay screen on top of legitimate to capture user inputs, said software security firm QuickHeal in a post on Saturday.

"Do not download and install applications from untrusted sources offered via unknown website links on unscrupulous messages," said Canara Bank in a note to users. The bank suggested avoiding unknown wi-fi networks to prevent rogue access to devices.

While the has been successfully detected, there is no immediate mention any known occurrences of misuse so far.

Android.banker.A2f8a is being distributed through a fake Flash Player app on third-party stores. This is not surprising, said QuickHeal, given that Adobe Flash is one of the most widely distributed products on the internet and because of its popularity, it is often targeted by attackers.

The malicious app shows fake notifications on behalf of the original app and when users click on the fake notifications, they are directed to enter their login credentials into a fake login page.

The has targeted of Axis Bank, HDFC, ICICI, and among others says the blog. The has also targeted a number of cryptocurrency like Bitcoinium, Bitcoin Wallet, BTC Safari and Bitfinex apart from many others.

A number of international banking and payment are also listed like ING Australia Banking, Citibank Australia, Citi Mobil UK, Singapore Digital Banking and PayPal Mobile and Amazon for Tablets.

The can intercept messages from incoming and outgoing messages and bypass SMS based two-factor authentication on the victim's bank account. It can suppress the device's ringer volume to prevent the user being alerted about SMSs.

Quick Heal has warned users that there is no official Adobe Flash Player available on the Google Play Store. Adobe had also announced that it will stop updating and distributing Flash player by the end of 2020 in all formats of browser.

Tips to stay safe from Android Banking Trojans:

Avoid downloading from third-party app stores or links provided in SMSs or emails.

Always keep ‘Unknown Sources’ disabled. Enabling this option allows installation of from unknown sources.

Most importantly, verify app permissions before installing any app even from official stores such as Google Play.

Install a reliable mobile security app that can detect and block fake and malicious before they can infect your device.

Always keep your device OS and mobile security app up-to-date.

Source: Quick Heal Technologies

First Published: Sun, January 07 2018. 00:57 IST