Android Malware Targets 232 Banking Apps: Quick Heal

Quick Heal Security Labs detected an Android Banking Trojan that targets more than 232 banking apps including those offered by Indian banks.

Android Malware

A report by Quick Heal Security Labs says, an Android malware is reportedly targeting over 232 banking apps including a few banks in India. The Trojan malware, named ‘Android.banker.A9480’, is designed to steal personal data from users.

According the the Quick Heal blog post, like most other Android banking malware, even this one is designed for stealing login credentials, hijacking SMSs, uploading contact lists and SMSs on a malicious server, displaying an overlay screen on top of legitimate apps and carrying out other such malicious activities.

Quick Heal lists the Indian banking apps that are targeted by the Android banking Trojan malware: Axis mobile, HDFC Bank MobileBanking, SBI Anywhere Personal, HDFC Bank MobileBanking LITE, iMobile by ICICI Bank, IDBI Bank GO Mobile+, Abhay by IDBI Bank Ltd, IDBI Bank GO Mobile, IDBI Bank mPassbook, Baroda mPassbook, Union Bank Mobile Banking, and Union Bank Commercial Clients.

The Trojan malware Android.banker.A2f8a is being distributed through a fake Flash Player app on third-party stores. This is not surprising given that Adobe Flash is one of the most widely distributed products on the Internet. Because of its popularity and global install base, it is often targeted by attackers.

After installing the malicious app, it will ask the user to activate administrative rights. And even if the user denies the request or kills the process, the app will keep throwing continuous pop-ups until the user activates the admin privilege. Once this is done, the malicious app hides its icon soon after the user taps on it.

In the background, the app carries out malicious tasks – it keeps checking the installed app on the device and particularly looks for 232 apps (banking and some cryptocurrency apps).

Tips to stay safe from Android Banking Trojans

  • Avoid downloading apps from third-party app stores or links provided in SMSs or emails.
  • Always keep ‘Unknown Sources’ disabled. Enabling this option allows installation of apps from unknown sources.
  • Most importantly, verify app permissions before installing any app even from official stores such as Google Play.
  • Install a reliable mobile security app that can detect and block fake and malicious apps before they can infect your device.
  • Always keep your device OS and mobile security app up-to-date.

LEAVE A REPLY

Please enter your comment!
Please enter your name here