Quick Heal Security Labs has detected an Android banking trojan; Android.banker.A9480 which is said to be targeting more than 232 banking apps which also includes the apps offered by Indian banks. Like other banking trojans, even the Android.banker.A9480 is designed with the aim to steal login credentials, hijacking SMSs, etc. The trojan is being distributed through a fake Flash Player app on the third-party store, and it is not very surprising considering Adobe's flash player is one of the most widely spread products on the Internet. Once the malicious app is installed the phone, it requests for Administrative rights and if even if a user rejects or terminates the process, it keeps throwing pop-ups until the user activates the admin privilege. The app then goes into hiding once the user taps on it.Once the icon is hidden, it looks for all the installed apps especially from the 232 apps that include banking and some cryptocurrency apps. If the trojan finds any one of the apps from the list of 232 apps, it throws fake notifications duping targeted banking app. if a user clicks on the notification, they are shown a fake login screen to steal the user’s confidential login details. The malware was capable of receiving and processing login credentials, hijacking SMSs, uploading contact lists ...
Read Here»
Read Here»