Android Phishing Malware Attacks Banking Apps - Unravelled by Quick Heal Security Labs
Global IT security firm Quick Heal Security Labs has, in a breakthrough, exposed an Android phishing malware known as “Android.banker.A9480”. An Android phishing malware is a malicious program, designed specifically for Android devices, that attempts to obtain confidential information from customers who use online banking and payment systems. As per reports, this malware has been stealing a major part of the sensitive data users provide, such as login IDs and passwords, along with contact lists and SMS information, from various banking applications offered by numerous banks. It extracts this confidential data and uploads it to a malicious server. The cyber criminals then access the server to retrieve the information and use it to their own advantage.
Impact on Banking and Cryptocurrency Based Apps
With digital transformation, any activity that happens online requires strong security for the safety and assurance of customers. Banks usually follow strict plans for securing the money deposited by millions of customers, and they introduce new apps to make facilities like transfers and bill payments easier to use. However, the disclosure of this new malware is a cause for concern for all users of banking apps and online payments.
This specially created malware has been affecting banks at a worsening rate, with approximately 232 banks declared affected as of now. The list of these 232 banks includes renowned names like axis.mobile (Axis Mobile), snapwork.hdfc (HDFC Bank MobileBanking), sbi.SBIFreedomPlus (SBI Anywhere Personal), hdfcquickbank (HDFC Bank MobileBanking LITE), csam.icici.bank.imobile (iMobile by ICICI Bank), snapwork.IDBI (IDBI Bank GO Mobile+), idbibank.abhay_card (Abhay by IDBI Bank Ltd), com.idbi (IDBI Bank GO Mobile), idbi.mpassbook (IDBI Bank mPassbook), co.bankofbaroda.mpassbook (Baroda mPassbook), unionbank.ecommerce.mobile.android (Union Bank Mobile Banking), unionbank.ecommerce.mobile.commercial.legacy (Union Bank Commercial Clients). However, the impact of this malware isn’t limited to banking apps. As reported by Quick Heal Security Labs, this particular malware also affects the cryptocurrency-based apps on the user’s phone.
The Malware Hijacks the Device and Hacks Sensitive Data
Consumers with banking apps on their Android devices should note that after Android 4.1, the use of Adobe Flash Player on the banking apps has been discontinued. Even on Google Play Store, there is no Adobe Flash Player app available. The Trojan operates by disguising itself as a Flash Player app, which can dupe any user who doesn’t pay close attention to the details of the fake app. Once you have downloaded this fake application, it shows a series of pop-ups asking you to grant it administrative privileges. Once admin rights are granted, it becomes easy for the malware to access all the confidential information on the smartphone.
In order to steal banking login details, the malicious application shows fake notifications that appear to come from the banking app it is targeting. Once you click the notification, the malware takes you to a fake login screen. As you key in the details, the malware gets admin rights to your phone. This allows the fake app to extract details like incoming as well as outgoing messages, which lets the hackers bypass the two-factor authentication system as well as the OTP verification option. The malware is capable of silencing device notifications for incoming messages, which prevents the user from knowing that any such message has been sent by the company for verification purposes.
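The behaviour described above maps onto a few signals a defender can check in an installed-app inventory. The following is an added example, not Quick Heal's code or detection logic: the record fields, the threshold and the com.example.* package names are assumptions, and the sample inventory is constructed.

```python
# Added example: triage an installed-app inventory for the traits the article
# describes. Record fields and sample data are constructed assumptions.
PLAY_INSTALLER = "com.android.vending"  # installer package name of Google Play
SMS_PERMS = {"android.permission.RECEIVE_SMS", "android.permission.READ_SMS"}
CONTACT_PERM = "android.permission.READ_CONTACTS"

def risk_signals(app):
    """Return the article's warning signs that this app record matches."""
    signals = []
    perms = set(app.get("permissions", []))
    if "flash player" in app.get("label", "").lower():
        # Per the article, no Adobe Flash Player app is available on Google Play.
        signals.append("claims-to-be-flash-player")
    if app.get("installer") != PLAY_INSTALLER:
        signals.append("sideloaded")
    if app.get("device_admin"):
        signals.append("device-admin")
    if perms & SMS_PERMS:
        signals.append("reads-sms")
    if CONTACT_PERM in perms:
        signals.append("reads-contacts")
    return signals

def triage(inventory, threshold=3):
    """Map package name -> signals for apps matching at least `threshold` signals."""
    flagged = {}
    for app in inventory:
        signals = risk_signals(app)
        if len(signals) >= threshold:
            flagged[app["package"]] = signals
    return flagged

# Constructed sample inventory (hypothetical packages).
SAMPLE_INVENTORY = [
    {"package": "com.example.flashupdate", "label": "Flash Player",
     "installer": None, "device_admin": True,
     "permissions": ["android.permission.RECEIVE_SMS", "android.permission.READ_SMS",
                     "android.permission.READ_CONTACTS"]},
    {"package": "com.example.notes", "label": "Notes",
     "installer": None, "device_admin": False, "permissions": []},
    {"package": "com.example.sms", "label": "Messages",
     "installer": PLAY_INSTALLER, "device_admin": False,
     "permissions": ["android.permission.RECEIVE_SMS", "android.permission.READ_SMS",
                     "android.permission.READ_CONTACTS"]},
]

if __name__ == "__main__":
    for package, signals in triage(SAMPLE_INVENTORY).items():
        print(package, signals)
```

A single signal is not enough to flag an app: the constructed messaging app holds the same SMS and contacts permissions but was installed from Google Play and has no device-admin rights, so it stays below the threshold.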
Tips to Stay Safe from Security Attacks
Apart from banking and cryptocurrency-based apps, the antivirus company Quick Heal has established that famous apps such as eBay, Amazon and Western Union are highly susceptible to an attack by this malware. To stay safe from this malware, users can follow these tips:
1. Refrain from downloading apps from third-party sources or through any link sent to you via SMS or email.
2. Under the Settings option on your phone, you can find the Security section. The Unknown sources option there should always be disabled.
3. Even when downloading applications from official app stores like Google Play, always verify the application’s permissions before installing the apps.
4. Install a renowned and reliable mobile security application to provide proper protection against this kind of malware.
5. Make sure you download the latest software provided by the mobile company.
6. Always keep the device OS and the mobile security app up to date.