Quick Heal reports malware that targets 232 bank apps worldwide

06 January, 2018, 02:54 | Author: Manuel Hopkins
  • New Android malware steals Uber credentials

The researchers noted that the trojan hid behind a fake Flash Player app on third-party app stores and exploited the popularity of the Flash Player to infect millions of devices.

'Mobile malware such as the Android Trojan can mimic legitimate banking apps as well as notifications. However, this malware attacking the Uber Android app is a good reminder for the users to stay away from downloading apps from untrusted sources.

The report lists a number of targeted banking apps which, includes Axis Mobile, HDFC Bank MobileBanking, SBI Anywhere Personal, HDFC Bank MobileBanking LITE, iMobile by ICICI Bank, IDBI Bank GO Mobile+, Abhay by IDBI Bank, IDBI Bank GO Mobile, IDBI Bank mPassbook, Baroda mPassbook, Union Bank Mobile Banking and Union Bank Commercial Clients.

To cover up the credential theft, this malware uses deep links to Uber's legitimate app to display the user's current location - making it appear as though the user is accessing the Uber app instead of a malicious fake. Flash Player app is a popular target for cybercriminals.

Once the user has installed the app, the app prompts the user to activate administrative rights.

HP Recalls Computer Batteries After Reports Of Overheating
Instead, HP has developed a BIOS update that will put the battery into a "battery safety mode". The most important thing users can do is check to see if their notebook battery is affected.

Once it identifies an app that it can target, it pushes a fake notification on behalf of the targeted banking app. It will then ask for login credentials masked as that banking application. Entered credentials are immediately sent to a remote server, and might be used for further crimes.

What makes the malware particularly unsafe is that even if the user denies permission or administrative right or tries to kill the process on the device, "it keeps throwing continuous pop-ups until the user activates the admin privilege", said Mane.

According to Symantec, the trojan horse has a spoof version of the Uber app which periodically pops up on the user's device until it tricks them into entering their Uber ID and password.

The malware is able to process commands like sending and collecting SMS, uploading the contact list and location, displaying fake notifications, gaining accessibility and Global Positioning System permission and much more. Hence it can get the OTP even though if we have kept two-factor authentication to our bank account. If the user tries to deny the request the app will keep throwing continuous pop-ups until admin rights are given.

Install a reliable security app on your device and updating them regularly.

Recommended:



Popular

Why Billions Of Dollars In Lottery Prizes Go Unclaimed
Mega Millions, which is now valued at $450 million, will be drawn tonight, January 5; Powerball will be drawn Saturday, Jan 6. This is still the fourth-largest jackpot in Mega Millions history and the 11th-largest jackpot in US lottery history.

Jesse Lingard Leads Manchester United to FA Cup Win vs. Derby County
Lukaku came off the United bench at the interval as Mourinho looked for more cutting edge in the final third of the field. Derby have injury concerns heading into match as Tom Lawrence , Joe Ledley and Bradley Johnson are all major doubts.

Arson investigation underway after Roy Moore accuser's home burns down
Her mother had accompanied her to the meeting but it did not stop Moore from "grabbing" her buttocks as she left, she claimed. Johnson accused Moore of groping her while they were in his office in the early 1990s, according to The Associated Press .

MPs Want a 'Latter Levy' to Cut Down on Disposable Cup Waste
Welsh ministers are considering asking for powers to tax the cups and other plastics that are hard to recycle. When environmentalists first mooted the idea of a levy on plastic bags, plenty of eyes rolled.

Will Climate Change Leave Chocolate Out of Menu by 2050?
As if there wasn't already good enough reasons to care about how we treat the planet, this catastrophic effect certainly is. Over portion of the world's chocolate now originates from only two nations in West Africa - Côte d'Ivoire and Ghana .

Kim Kardashian Teases a Possible Dark Hair-Color Transformation
The 37-year-old says Saint is all better now, calling the little love muffin "so resilient" and using the mixed baby angel emoji. On Instagram and Twitter , Kim showed her appreciation for the doctors and nurses that took care of her son.

Mega Millions jackpot over $360 million, drawing tonight
Eastern Time and Powerball drawings are held Wednesday and Saturday evenings at 10:59 p.m. The lump-sum cash options are now $278.3 million for Powerball and $215 for Mega Millions.

Russian tankers fueled North Korea via transfers at sea
She urged other countries to sever "all ties" with North Korea, including ceasing trade and expelling North Korean workers. Security Council and has voted in favor of sanctions against North Korea, despite being its greatest traditional ally.

Mariah Carey Finds Her Tea After New Year's Eve Performance!
OK, well we'll just have to rough it. "The first time life throws you a curve in 2018, just remember: Mariah Carey made it through without her hot tea".

Manufacturing sector records record growth in December
The country's manufacturing PMI has been in positive territory for 17 months in a row despite overall slower expansion this month. This was consistent with the strongest improvement in the health of the sector since December 2012.