Trusted Reviews is supported by its audience. If you purchase through links on our site, we may earn a commission. Learn more.

New Android malware targeting bank details – here’s how to protect yourself

There’s a new Android Trojan doing the rounds, and this time, it’s after banking details – targeting customers of banks across the US and Europe.

The malware looks like a Flash Player app, and is considered to be highly dangerous as it has the ability to bypass two-factor authentication via SMS.

Banks such as Santander, Paypal, and Wells Fargo are reportedly among the more than 90 banks being targeted by the malware.

Related: Best antivirus

Fortinet security researcher Kai Lu told the International Business Times: “Active users of mobile banking apps should be aware of a new Android banking malware campaign targeting customers of large banks in the United States, Germany, France, Australia, Turkey, Poland, and Austria.

“This banking malware can steal login credentials from 94 different mobile banking apps.”

The app works by displaying an overlay on top of other apps, restarting whenever a user clicks the ‘cancel’ button, eventually forcing them to tap on the ‘activate’ option.

This apparently grants the malware full device administrator rights, while it remains active in the background even after the Flash Player icon is hidden from the launcher.

Once installed, the app can intercept SMS messages, which means it can bypass two factor authentication set up by banks to increase security.

What’s more, once it’s been installed the app has a so-called ‘self-defence’ mechanism which stops the malware from being uninstalled.

Users affected by the Trojan will see a fake login window that asks for login credentials for apps, which, once entered, are sent to the app’s command and control centre.

If you’ve been duped by the malicious software, the first thing to try is to uninstall it manually by going to settings>security>device administrators and tapping on Google Play Services.

From here, you should be able to tap on a Deacticate option, then head to settings>apps>Flash Player Update and tap on Uninstall.

Of course, if you think your bank details have been stolen via the malware, you should contact your bank immediately.

Watch The Refresh: The best tech gossip and reviews every week

Let us know if you’ve been affected in the comments.

Why trust our journalism?

Founded in 2004, Trusted Reviews exists to give our readers thorough, unbiased and independent advice on what to buy.

Today, we have 9 million users a month around the world, and assess more than 1,000 products a year.

author icon

Editorial independence

Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.

author icon

Professional conduct

We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.