Happy New Year 2024 to all our members and visitors! Our Forum is Now Back Online After Some Critical Upgrade- We Apologize for the inaccessibility Period! Thank You all. CORONAVIRUS safety tips from Admin! 1. Watch your hands with running water 2. Dont cough in your hands 3. Keep distance from people 4. Stay indoor if neccessary!! Stay safe !!! Dear Members,Do you know that naijacrux is fully programmed to serve you better, Do you know that you can share your favorite post on naijacrux with friends on twitter,facebook, googleplus,myspace and many more! To share post on naijacrux with friends and family on twitter, facebook,googleplus,myspace,and many more, scroll to the down page of the post, Click on the Social Icon You Want To Share On To Share.


Author Topic: Newly discovered Android malware able to steal money from online banking account  (Read 1760 times)

0 Members and 1 Guest are viewing this topic.

Offline admin

  • Administrator
  • Hero Member
  • *****
  • Posts: 1386
  • Karma: +0/-0
Loading...

New Android malware was discovered, able to steal money from online banking accounts, and hide SMS notifications coming to confirm financial transactions.

This new malware detected by Dr.Web as the Android.SmsBot.459.origin trojan infects users via SMS spam, which, to be more convincing, in some cases even uses the phone owner's name. The spam SMS message contains a link, which, if opened, will forcibly download the trojan's APK file on the user's device.

The only way to actually get infected is to tap and open the APK file, so if a Web page just downloads an Android app on your phone without asking you anything, don't even think of opening it. Ever!

The trojan masquerades as a legitimate app

For users who are so "unlucky" to tap and open the APK, the trojan will mask itself as an app coming from a well-known source, in this case, as a client application for an advertising website in Russia.

If the user agrees to install it, the app will immediately ask for admin privileges with the purpose of "getting video codec access." This message is quite pushy and won't go away until the user clicks "Activate." As a side note to the article, popups that cannot be closed should be another sign that an app contains malware.

Once successfully installed and with admin privileges, the trojan now starts operating with its C&C server. The first thing it will do is to send all kinds of details about the user's phone, beginning with its IMEI, model name, system language, mobile phone number, OS version, and so on.

The malware currently targets Russian users

Once this data is on the C&C server, the Android.SmsBot.459.origin trojan is then instructed to scan the device for a list of banking applications. For now, this trojan only scans for applications catering to Russian banks.

If banking applications are found, using pre-configured operations, the trojan will get the user's account balance, trying to discover if they have any available funds.


 

 

Gmail Update "Inbox by Gmail android app" with New Snooze Options

Started by internet police

Replies: 0
Views: 2204
Last post July 17, 2015, 03:03:18 PM
by internet police
Nokia unveiled nokia C02 with Android 12

Started by punch

Replies: 0
Views: 6358
Last post February 24, 2023, 12:43:39 AM
by punch
New Windows Phone Invented with Windows PE on Android Device

Started by guruslodge

Replies: 0
Views: 1890
Last post January 22, 2018, 04:36:03 AM
by guruslodge
Samsung Galaxy A10e and Galaxy A20 receives Android 10

Started by xrated

Replies: 0
Views: 8258
Last post July 06, 2020, 08:45:26 AM
by xrated
Apple Updated Apple Music for Android with New download to SD Feature

Started by legendguru

Replies: 0
Views: 2224
Last post February 04, 2016, 11:37:43 AM
by legendguru