Trojan Virus imitates Indian banking apps on android

January 05, 2018 12:00 AM
  • Trojan Virus imitates Indian banking apps on android logo

A new Android malware is seen spreading across devices, targeting various financial and banking apps including some offered by Indian banks. As per reports, the malware imitates the banking app to steal login credentials.

Quick Heal Security Labs has uncovered the Android Banking Trojan that targets 232 banking apps along with the apps offered by Indian banks.The malware gets automatically installed from various third-party stores. The malware is known as Android.banker.A2f8a, previously detected as Android.banker.A9480.

The Android Banking Trojan steals login credentials like most other malware apps. Following this, it also hijacks SMSs, uploads contact list and SMS on a malicious server as well as it displays an overlay screen on legitimate apps to carry other malicious activities.

Origin of malware - Android Banking Trojan

It is reported that the malware is distributed through a fake Flash player app on third-party stores. Because of Adobe flash player's prevalence on the internet, it's the easiest target for attackers to spread the malware.

Analysis of malware attack

After installing the malware from the fake flash player, it pops-up a request asking to activate administrative rights. Even if you deny or cancel the process, the application will again pop-up the same request until the user activates the admin privileges. Once the admin privileges are activated, the malicious app hides from the menu and phone display.

As a result, the app runs in the background and carries out malicious activities without easy detection. It scans for the targeted 232 banking apps in the victim's smartphone. If anyone of the apps is found on the device, then the app shows a fake notification on behalf of targeted banking app. Once the user clicks the notification, it pops-up a fake login screen asking for user credentials of net banking login ID and password. If the user enters these, the credentials are received by the attacker.

List of Financial and Banking apps targeted by malware in India

Here is the list of Financial and Banking apps that are targeted and attacked by the Android Banking Trojan. Almost 232 apps are found vulnerable, of these some are offered by Indian banks.

  • snapwork.IDBI (IDBI Bank GO Mobile+)

  • idbibank.abhay_card (Abhay by IDBI Bank Ltd)

  • com.idbi (IDBI Bank GO Mobile)

  • sbi.SBIFreedomPlus (SBI Anywhere Personal)

  • hdfcquickbank (HDFC Bank MobileBanking LITE)

  • csam.icici.bank.imobile (iMobile by ICICI Bank)

  • idbi.mpassbook (IDBI Bank mPassbook)

  • co.bankofbaroda.mpassbook (Baroda mPassbook)

  • unionbank.ecommerce.mobile.android (Union Bank Mobile Banking)

  • unionbank.ecommerce.mobile.commercial.legacy (Union Bank Commercial Clients)

  • axis.mobile (Axis Mobile)

  • snapwork.hdfc (HDFC Bank MobileBanking)

Tips to protect from Android Banking Trojans

  • Stay far from the third party store and links provided in emails and SMSs

  • Disable the ‘Unknown Sources’ option to avoid installing apps from unknown sources.

  • Try to install a reliable mobile security app. This can block and detect the malicious apps to a large extent.

  • Always keep your OS up-to-date.

  • Important to note, never trust the flash player app. Because there is no official Adobe flash player app available on Google Playstore since Android 4.1

Share this:

NEWSLETTER SUBSCRIPTION

Get the latest news from the social good space by signing up to our newsletter.
Subscribe

Submit an Idea

Do you have an idea for an app related to social good? Exceptional ideas will be considered for funding by Vodafone Foundation.

Submit

Case Studies

Holistic approach to farming advisories Image 71903
By Kavitha Srinivasa   As part of Agri-GIS, C-SAG has...
Tangible solutions for the visually impaired Image 71888
By Kavitha Srinivasa Tactopus, a 2018 social enterprise, is...
Investing in Teachers, key to primary education success Image 71326
By Kavitha Srinivasa Delhi-based Sampark Foundation, spearheaded...
Tools for Agricultural Angst Image 01 71126
By Kavitha Srinivasa Digital Green, is a not-for-profit...
Educate for a Better Future Image 70217
By Kavitha Srinivasa Jan Sewa Welfare and Educational Society, a...

Interviews

Educate, empower and equip everyone Digitally and Spiritually
By Kavitha Srinivasa How did Galway Foundation begin? Please can...
theteacherapp activities image
By Kavitha Srinivasa What prompted you to give up investment...
Hear2Read activities image
By Kavitha Srinivasa Impressionable Age Google Playstore...
Safecity Interview Banner
By Kavitha Srinivasa As sexual violence is a global issue — since...
By Kavitha Srinivasa It is not every day that one comes across a...