New Android malware targets apps of Indian banks: Quick Heal

New Android malware targets apps of Indian banks: Quick Heal

New Android malware targets apps of Indian banks: Quick Heal

Nevertheless, the trojan serves as a reminder it's best to download mobile software from official app stores, which have far less malware than third-party app stores. In that banking apps, there are few banks belongs to India.

As reported by Symantec, the malware is a version of Android.Fakeapp, an Android trojan that attackers have been using to display advertisements and collect information from compromised devices since 2012.

Banking apps of lenders including Axis Bank, HDFC Bank, ICICI Bank, IDBI Bank and Union Bank are among those vulnerable.

"To avoid alarming the user, the malware displays a screen of the legitimate app that shows the user's current location, which would not normally arouse suspicion because that's what's expected of the actual app", explained Symantec threat expert Dinesh Venkatesan.

Mane said that Flash's popularity makes it a common target for hackers. "Deep links are URLs that take users directly to specific content in an app". The malicious app keeps working in the background while checking for one of the 232 banking apps. If it accesses any of these apps from a user's smartphone, it generates a fake notification sent on behalf of the banking app. "This case again demonstrates malware authors' neverending quest for finding new social engineering techniques to trick and steal from unwitting users".

Ross Barkley has medical ahead of move to Chelsea
The midfielder will have a medical at the club on Friday and will complete the move from his boyhood club Everton in the coming days.

Sorry Game Of Thrones Fans, There's Some Bad News
The seventh season ended last August with an average of more than 30 million USA viewers per episode across multiple platforms. Showrunners David Benioff and DB Weiss announced in 2016 it would finish with 13 episodes spread over a final two seasons.

Mega Millions jackpot at $361M for winning numbers drawing tonight
With slightly better odds than the Powerball game, it's rare that months pass without someone winning a Mega Millions jackpot. It's the second time that Powerball and Mega Millions have had jackpots bigger than $300 million at the same time.

If anyone of the targeted apps is found on the infected device, the malware will throw up a fake notification screen that leads the user to a login screen, both created to mimic the original app. It will then ask for login credentials masked as that banking application. And even if the user denies the request or kills the process, the app will keep throwing continuous pop-ups until the user activates the admin privilege. Using this method, they will steal the complete information like login ID and passwords.

The fact that the malware can intercept all incoming and outgoing SMS from the infected device is important, given that this enables the attackers to bypass SMS-based two-factor authentication on the victim's bank account (OTP).

Still, it's a good reminder for users not to download apps from untrusted sources - sticking to the Google Play store is a good idea - and to expect sophistication from malicious apps.

Install a reliable security app on your device and updating them regularly.

Related news

[an error occurred while processing the directive]