As if the digital world couldn't get any scarier. According to a blog post released by Quick Heal Security Labs, an Android malware targeting banking apps is currently circulating on the internet. Android being one of the most common mobile OS currently used makes this malware all the more dangerous. This Trojan malware sneaks into your system to steal essential information. Thus, similar to any banking malware, it targets all your personal information like SMS, login details to all the applications on your phone, and even your contact list!
The Android malware targeting banking apps aims at hacking into 232 banking apps all over the world. This also includes Indian banking apps.
If you have invested in cryptocurrency like Bitcoins, then you are in potential danger too! The malware sniffs out the cryptocurrency apps present on your phone. Not only does it steal your information but it also uploads this information to malicious servers that are easily accessible.
This Android malware targeting banking apps is called Android.banker.A9480.
The Trojan malware is circulating through a fake Flash Player app available on third-party stores. Once the user downloads this Flash Player app, they will receive constant prompts asking for administrative rights. This pinging continues until the user finally accepts to give these rights and access.
Once the app is downloaded and installed on your phone, you can see the icon. Surprisingly, the app will vanish once you tap it! While you may think that the app may have possibly been uninstalled, it runs a covert operation in the background. It will check your system for any of the 232 banking apps it is programmed to detect. After it finds the app, it will send out a fake notification that is a copy of your bank's prompt. If the user taps on this notification, the malware will lead them to a fake login window that will collect the important login details the unaware user will key in.
The Trojan malware can collect a host of information that includes your SMS history, location, and identity. Moreover, it can also process basic commands for sending and receiving SMS, uploading location and contact list on the servers, GPS access, and fake notification alerts. Since it can intercept and process the incoming SMS, it can also bypass the two-factor authentication involving an OTP.
Indian Banking Apps at risk
According to the Quick Heal reports, the following banking apps are susceptible to Android.banker.A9480:
- Axis Mobile
- HDFC Bank MobileBanking
- IDBI Bank GO Mobile
- Union Bank Commercial Clients
- iMobile by ICICI Bank
- SBI Anywhere Personal
- Baroda mPassbook
- Abhay by IDBI Bank Ltd.
- HDFC Bank MobileBanking LITE
- IDBI Bank GO Mobile+
- IDBI Bank mPassbook
- Union Bank Mobile Banking