Banks are warning customers that their mobile banking credentials could be stolen by malware masquerading as a Flash Player app, delivered through unsolicited messages or through pop-ups on websites.
According to a Quick Heal Security Lab report, a new Android malware named Android.banker.A2f8a has been detected that targets banking applications. The Trojan targets over 232 banking apps, including those of a few Indian banks such as Axis Mobile, HDFC Bank MobileBanking, iMobile by ICICI Bank, IDBI Bank (Go Mobile and Go Mobile+), IDBI Bank mPassbook, Baroda mPassbook and Union Bank, among others.
The fake app asks users for administrative rights just after setup. Even if a user initially denies admin access, the app keeps throwing pop-up windows until the user accepts. Once the app gets admin rights, it hides its icon and searches for financial apps. In the background, the Trojan carries out malicious tasks such as hijacking SMSes and contact lists, disclosing location details, which it uploads to malicious servers, and showing fake notifications. Since the malware can intercept incoming and outgoing SMS on an infected phone, it can also bypass the OTP-based two-factor authentication on the user's bank account.
Consumers with banking apps on their Android devices should note that Adobe Flash Player has been discontinued since Android 4.1. Even in the latest Google Play Store, there is no Adobe Flash Player app available.
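The behaviours described above (a Flash Player label, device administrator rights, a hidden icon, SMS access) can be combined into a simple triage score over a device's app inventory. The following is an added example, not code from Quick Heal or from the report; the inventory, package names, weights and threshold are constructed assumptions, while the permission names are real Android permissions.

```python
# Weights and threshold are assumptions chosen for this example.
WEIGHTS = {
    "flash_label": 3,   # Flash Player is no longer distributed for Android
    "device_admin": 2,  # app holds device administrator rights
    "hidden_icon": 2,   # no launcher entry after install
}
PERMISSION_WEIGHTS = {
    "android.permission.RECEIVE_SMS": 2,  # can read incoming OTP messages
    "android.permission.SEND_SMS": 1,
    "android.permission.READ_CONTACTS": 1,
    "android.permission.ACCESS_FINE_LOCATION": 1,
}
THRESHOLD = 5
P = "android.permission."


def app(package, label, admin, icon, perms):
    """Build one inventory record (hypothetical layout)."""
    return {"package": package, "label": label, "device_admin": admin,
            "launcher_icon": icon, "permissions": set(perms)}


# Constructed inventory; package names are placeholders.
SAMPLE_INVENTORY = [
    app("com.example.bank", "Example Bank", False, True,
        [P + "RECEIVE_SMS", P + "ACCESS_FINE_LOCATION"]),
    app("com.example.mdm", "Device Policy Agent", True, False, []),
    app("com.example.fp", "Flash Player", True, False,
        [P + "RECEIVE_SMS", P + "SEND_SMS", P + "READ_CONTACTS"]),
    app("com.example.upd", "System Update", True, False, [P + "RECEIVE_SMS"]),
]


def score(record):
    """Return (total, signals) for one app record."""
    signals = []
    if "flash player" in record["label"].lower():
        signals.append("flash_label")
    if record["device_admin"]:
        signals.append("device_admin")
    if not record["launcher_icon"]:
        signals.append("hidden_icon")
    perms = sorted(p for p in record["permissions"] if p in PERMISSION_WEIGHTS)
    total = sum(WEIGHTS[s] for s in signals) + sum(PERMISSION_WEIGHTS[p] for p in perms)
    return total, signals + perms


def triage(inventory):
    """Map package name -> (total, signals) for apps at or above THRESHOLD."""
    scored = ((r["package"], score(r)) for r in inventory)
    return {pkg: result for pkg, result in scored if result[0] >= THRESHOLD}
```

The banking app and the policy agent stay below the threshold because neither combines admin rights, a hidden icon and SMS access, while the renamed "System Update" record is flagged on behaviour alone.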