Quick Heal detects 2 banking Trojans targeting Indian Android users


IT company Quick Heal on Tuesday warned that two new banking trojans (malware designed to steal financial data) targeting Android are hitting users in India to access confidential data.

The Trojans, named “Android.Marcher.C" and "Android.Asacub.T", operate by exploiting user behaviour of android mobile users and imitating notifications from leading banking and finance apps in India as well as popular social apps such as WhatsApp, Facebook, Twitter, Instagram, and Skype.

The trojans mask themselves by using misleading icons and names to trick users. “Android.Marcher.C" uses a fake Adobe Flash Player icon and "Android.Asacub.T" mimics an android update icon and the name “update”.

The malwares work by forcing the users into allowing special privileges to the app by clicking “Activate” after it is installed in the device.

Image credits: Quick Heal
Once the malware has this access, it is able to trick sensitive information from the user such as banking credentials, passwords, card details, etc. whenever the user opens one of the apps the trojan is designed to imitate. This is done by displaying a fake window asking for the credit/debit card number of the user without which, the user is unable to access the app.

Sanjay Katkar, Co-founder and CTO of Quick Heal Technologies Limited, said, "Indian users often download unverified apps from third-party app stores and links sent through SMS and email. This gives hackers a lucrative opportunity to steal confidential information from unsuspecting users."

He also said the company has detected three other similar malware in less than six months and that it seems like hackers are now targeting mobile users as they are “far more vulnerable to sophisticated phishing attacks”.

Android users are advised to practice caution when downloading apps and to only download them from trusted sources. Always verify app permissions and install a reliable mobile security app.



from E Hacking News - Latest Hacker News and IT Security News https://ift.tt/2HSZvSa

Comments