Home / News / Mobile Phone News / New Android malware targeting bank details – here's how to protect yourself

New Android malware targeting bank details – here's how to protect yourself

by

Android Logo

There's a new Android Trojan doing the rounds, and this time, it's after banking details – targeting customers of banks across the US and Europe.

The malware looks like a Flash Player app, and is considered to be highly dangerous as it has the ability to bypass two-factor authentication via SMS.

Banks such as Santander, Paypal, and Wells Fargo are reportedly among the more than 90 banks being targeted by the malware.

Related: Best antivirus

Fortinet security researcher Kai Lu told the International Business Times: "Active users of mobile banking apps should be aware of a new Android banking malware campaign targeting customers of large banks in the United States, Germany, France, Australia, Turkey, Poland, and Austria.

"This banking malware can steal login credentials from 94 different mobile banking apps."

The app works by displaying an overlay on top of other apps, restarting whenever a user clicks the 'cancel' button, eventually forcing them to tap on the 'activate' option.

This apparently grants the malware full device administrator rights, while it remains active in the background even after the Flash Player icon is hidden from the launcher.

Once installed, the app can intercept SMS messages, which means it can bypass two factor authentication set up by banks to increase security.

What's more, once it's been installed the app has a so-called 'self-defence' mechanism which stops the malware from being uninstalled.

Users affected by the Trojan will see a fake login window that asks for login credentials for apps, which, once entered, are sent to the app's command and control centre.

If you've been duped by the malicious software, the first thing to try is to uninstall it manually by going to settings>security>device administrators and tapping on Google Play Services.

From here, you should be able to tap on a Deacticate option, then head to settings>apps>Flash Player Update and tap on Uninstall.

Of course, if you think your bank details have been stolen via the malware, you should contact your bank immediately.

Watch The Refresh: The best tech gossip and reviews every week

Let us know if you've been affected in the comments.

Some Person

November 7, 2016, 12:07 am

2FA is too General. It attempts to protect every single login. What we need is to protect important transactions, like Bank withdrawals. ChainLock by ChainTight Security enables accounts to be locked using the security of a Bitcoin address and the Bitcoin blockchain. There is no bypassing the Bitcoin blockchain.

comments powered by Disqus