<div style="margin:20px 0 0 200px"> To view the site, enable JavaScript by changing your browser options, then <a href="">Try Again</a>.</div>

Android Banking Trojan targets over 232 banking apps, including Indian banks

30 Jan, 2018
Android Banking Trojan targets over 232 banking apps, including Indian banks

Banks are warning customers of the risk of their mobile banking credentials being stolen by malware masquerading as a Flash player sent to them through unwarranted messages or through pop-ups on websites.

According to Quick heal Security Lab report, a new Android malware named Android.banker.A2f8a has been detected which targets banking applications. The Trojan targets over 232 banking apps, which includes a few Indian banks like Axis Mobile, HDFC Bank MobileBanking, and iMobile by ICICI Bank, IDBI bank (Go Mobile and Go Mobile+), IDBI Bank mPassbook, Baroda mPassbook, Union Bank among others.

The fake app asks users for administrative rights just after setup. Even if a user initially denies admin access, the app continues throwing pop-up windows until the user accepts. Once the app gets admin rights, it hides its icon and seeks financial apps. In the background, the Trojan carris out some malicious tasks like hijacking SMSes and contact lists, disclosing location details and, which it uploads to malicious servers, showing fake notification etc. Since the malware can impede incoming and outgoing SMS from an infected phone, it can also bypass the OTP based two-factor authentication on the user’s bank-account.

Consumers with banking apps on their Android devices must note that Android 4.1, Adobe Flash Player has been discontinued. Even in the latest GooglePlay Store, there is no Adobe Flash Player app available.

How to stay safe from this Trojan?
  • Do not download apps from third-party app stores or links provided in SMSs or emails.
  • Keep device OS and mobile security app up-to-date.
  • Always keep 'Unknown Sources' disabled to avoid installation of apps from unknown sources.
  • Verify app permissions cautiously before installing it, even from official store like Google Play.
  • Install a reliable mobile security app that can detect and block fake and malicious apps before they can infect your device.

Read Other Articles

Read All Articles »
Private end-to-end encrypted Whatsapp group chats are not secured anymore!
Private end-to-end encrypted Whatsapp group chats are not secured anymore!
Read Details »
Top Cyber Attacks In 2017
Top Cyber Attacks In 2017
Read Details »

Hacking Tools

Explore All Hacking Tools »
UFTP - UDP based FTP with encryption
UDP based FTP with encryption

UFTP is an encrypted multicast file transfer program for secure, reliable & efficient transfer of files. It also helps in data distribution over a satellite link.

Read Details

Breaking News

Breaking News Of Each Month »
ATMs turn into Jackpot machines!
ATMs turn into Jackpot machines!

At least six attacks have taken place within the last week. They ranged in location from the Pacific Northwest to the Gulf region to New England. Thieves have stolen over $1 million in attacks so far.

Read Details