An Android malware is targeting major banking apps like HDFC Bank, SBI, reveals Quick Heal
The report suggests 232 banking apps worldwide have been targeted, which includes some of the biggest banking apps in India.
In a shocking revelation, Quick Heal Security Labs has reportedly detected an Android malware that has been targeting over 232 banking apps including HDFC Bank and ICICI Bank. The malware, according to the report, is known as Android.banker.A2f8a (previously detected as Android.banker.A9480).
The report lists a number of targeted banking apps which, includes Axis Mobile, HDFC Bank MobileBanking, SBI Anywhere Personal, HDFC Bank MobileBanking LITE, iMobile by ICICI Bank, IDBI Bank GO Mobile+, Abhay by IDBI Bank, IDBI Bank GO Mobile, IDBI Bank mPassbook, Baroda mPassbook, Union Bank Mobile Banking and Union Bank Commercial Clients.
The malware is distributed through a fake Flash Player on third party stores, the report said, trying to pass the app as coming from Adobe’s widely-used Flash Player. The app icon even resembles that of Flash Player.
Once the user has installed the app, the app prompts the user to activate administrative rights. If a user denies the rights to the app, the user gets a barrage of pop-ups until the app has been granted administrative rights.
Once the user provides the rights to the app, the app hides itself, running in the background. After this, the app continuously keeps track of the user’s activities and in particular checks whether one of these 232 apps are present.
Once one of the above app is found, the malware sends a fake notification which seems to originate from the bank. If the user clicks on the fake notification, the he is taken to a fake login screen where the app steals the user’s login credentials and password.
The app even bypasses secondary security authentication steps such as OTP generation from the bank, as the app gains right to send and collect all SMSes from the device.
The menace doesn’t end here as the report suggests the app also targets cryptocurrency apps on an Android device. Some of the major cryptocurrency apps which are affected include Bitfinex, Bitcoinium, Bitcoin/Altcoin chart, Bitcoin Ticker Widget, Crypto Prices All-in-One, Blockchain – Bitcoin & Ether Wallet, Blockchain Merchant, Bitcoin Wallet, Bitcoin Cash Wallet by Freewallet.
Apart from these, the malware also targets other widely-used general apps such as Amazon Shopping, Airbnb, 365Scores: Sports Scores Live, PokerStars Poker: Texas Holdem, PokerStars Play: Free Texas Holdem Poker Game, Western Union US – Send Money Transfers Quickly.
As a way to shield yourself from such malwares the report provides a few tips such as:-
- Avoid downloading apps from third-party app stores or from SMS links or emails
- Keep ‘Unknown Sources’ disabled in Settings. This option prevents apps from unknown sources to be installed on your device.
- Install a reliable security app on your device updating them regularly.
- Keep the device up-to-date with the latest OS.