Bank data stealing malware uncovered by Quick Heal Security Labs

As per reports provided by the Quick Heal Security Labs, a Trojan malware known as “Android.banker.A9480” has been stealing a major part of the confidential information provided by users like login Id and password, along with contact lists as well as SMS information from various banking applications provided by numerous banks. The malware functions by extracting all these data followed by an upload to a certain server that is malicious in nature. From here, the cybercriminals have the feasibility to extract any kind of information and use the same for their own profit.

As India is progressing as a digital country, any activity happening online requires high security for the safety and assurance of the customers. Banking sectors usually follow a strict planning regarding the security of the money deposited by millions of customers in the country. Banks introduce new apps to ease the availability of facilities like transfers, bill payments and so on. However, the introduction of this new malware has given rise to concern for all the users of banking apps.

This specially created harmful malware has been affecting the banks on a deteriorating basis which includes approximately 232 banks as of now. The list of these 232 banks includes renowned names like SBI Anywhere Personal, iMobile by ICICI Bank, Union Bank Mobile Banking, IDBI Bank GO Mobile+ and so on. However, the effects of this malware aren’t limited to the banking app. As reported by the Quick Heal security Lab, this particular malware also affects the cryptocurrency based apps on the user’s phone.

Now, the Trojan operates by disguising itself as a Flash Player app which has potential enough to fool any user who doesn’t pay close attention to the fake app. As you complete the download of this fake application, it sends a series of pop-ups that will ask the user to grant it administrative privileges which once granted makes it easy for the malware to access all the confidential information in the smartphone.

In order to steal the banker’s login details, the malicious application shows false notifications from the banking app that has been targeted by the same. Once the user clicks the notification, the malware takes him to the unreliable login screen which has been faked. As the user feeds in the details, the malware gets admin rights to the user’s phone. This allows the fake app to extract details like incoming as well as outgoing messages to allow the hackers to detour via the two-factor authentication system as well as the OTP verification option.

The malware holds the capability of silencing any kind of device notification for the incoming messages which bar the user from knowing that any such message has been sent by the company for verification purpose. Apart from the banking section or cryptocurrency based apps, the antivirus Quick Heal has established that famous apps such as eBay, Amazon as well as the Western Union are highly susceptible to an attack by this malware. In order to ensure security, users can follow certain tips to avoid being attacked by this malware.

  • Refrain from downloading apps via a third-party or through any link provided to you via an SMS or email.
  • Under the settings option on your phone, you can find the security section. Here the Unknown sources option should always be disabled.
  • Even when downloading applications from official app stores like Google Play, always verify the application’s permissions before installing.
  • Install an application for mobile security that is renowned as well as reliable to provide proper security against these malware.
  • Make sure you download the latest software provided by the mobile company.

Around the World

The TeCake Staff

A team of writers hired in the house of The TeCake, which consists of journalists with broad, deep experience in print and online writing, publication and site management, news coverage, and editorial team management.

Add Comment

Click here to post a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

You Might Also Like