New Android Malware Snags Banking Credentials

by Tim Sloane 0

This article in the International Business Times describes source code released on the dark web that has enabled a new range of malware that targets Android:

“spike in hacking attacks after the source code and step-by-step instructions about a piece of malware designed to steal banking credentials was leaked online via an underground forum.

Experts from Dr Web, a Russian anti-malware company, said the leak occurred sometime over the past month and that it had already resulted in a new variant of malware – dubbed BankBot – that is able to stealthily hide on a victims’ phone and hijack personal details.

“[We] believe that this may lead to a significant increase in the number of attacks involving Android banking Trojans,” the researchers warned in a blog post. After downloading and analysing the code, the experts found it is able to mirror popular services, including PayPal.”

Of course Android users that don’t download apps from untrusted sources such as these 3rd party app stores are much less likely to be hacked:

“The Trojan is distributed on third-party app stores in the guise of Google-related services. Once it is downloaded, it asks for administrative privileges and if the victim unwittingly allows this it transforms into an effective – if somewhat traditional – banking threat.”

This is not the first, and certainly won’t be the last mobile hack we see and banks and payment networks are almost assuredly going to be the primary targets. This is why Mercator urges banks to add behavioral biometrics to their defenses, as it can detect when the correct user id and password was not entered by the owner.

Overview by Tim Sloane, VP, Payments Innovation at Mercator Advisory Group

Read the full story here