Newly discovered Two Android Banking Trojan posed as popular social Media and banking apps to steal the victim’s financial information from online banking and payment systems
Android Banking Trojan’s mainly targeting the financial sector such as bank and other financial institutions and compromising it to steal sensitive information such as username, password and credit card data.
It mimics as popular social media apps such as WhatsApp, Facebook, Skype, Instagram, Twitter and other India based banking apps.
Malicious Android Applications are using fake ICON’s to trick users to install it on to the victim’s device.
Initially victims download the malicious apps downloaded from third-party app stores or links provided in SMS’s or emails and pornographic websites.
Once it downloads and installed into the vicitms computer the malware gain access to special privileges by forcing the user to select the ‘Activate’ button.
The malicious application requested to Activate the device administrator to gain the complete control of the infection victims device.
If the user will press the CANCEL button, the app will keep asking Press the ACTIVATE button to gain the special permission as you can see the above Picture.
Also, this malware having a list of apps that imitate as a legitimate apps and search it in the infected victim’s device after gaining the special permission.
According to Quickheal, if the user opens any of these apps (banking or social media), the Trojan displays a fake window asking for a credit/debit card number. Unless this number is provided, this window prevents the user from accessing the app
Once the infected users will provide a card number and other relevant information that requested by this Trojan, then it will share the gathered information to the attacker via Command & Control server.
New Malicious dropper Spreading Dangerous “Bankbot” Banking Malware via Google Play store
New Dangerous Android Permission Security Flaw leads to Ransomware and Banking Malware Attacks
The LightSpy threat actor exploited publicly available vulnerabilities and jailbreak kits to compromise iOS devices.…
White House National Cyber Director, CEOs, Key Financial Services Companies, Congressional and Executive Branch Experts…
Cybersecurity experts have identified a new Remote Access Trojan (RAT) named PySilon. This Trojan exploits…
The notorious Konni Advanced Persistent Threat (APT) group has intensified its cyber assault on organizations…
Google has updated its Chrome browser, addressing critical vulnerabilities that posed potential risks to millions…
WrnRAT is a new malware attack that cybercriminals have deployed by using popular gambling games…