SafeUM
Home Blog Services Download Help About Recharge

Axarhöfði 14, 110 Reykjavik, Iceland

Iceland - 2015
SafeUM
Blog
Services
Download
Help
About
Recharge
Menu
Archive
TOP Security!
28 Nov 2014

Android Trojan steals money and confidential data of users

Virus analysts at the company “Doctor Web” explored a new Trojan horse, designed to infect smartphones and tablets running the Android OS.

This malicious program, included in the virus database under the name of Android.BankBot.34.origin, is capable of stealing personal information of owners of mobile devices, as well as to steal money from Bank accounts and the accounts of the mobile phones of their victims.

To start its malicious activity Android.BankBot.34.origin can only after installation in the system by the owner of the mobile device. Therefore, to increase the likelihood that you install and run the Trojan potential victims of the authors of Android.BankBot.34.origin distribute it under the guise of system updates and provide a shortcut to one of the most popular programs. It should be noted that the choice of application for simulation depends entirely on the imagination of writers and can be absolutely anything.

Once installed, the Trojan sets up a shortcut on the home screen, it can coexist next to the label of the original program if it is already present in the system. Thus, inexperienced users may confuse the application and the chance to run the Trojan instead of this. If the owner of the infected mobile device activates a malicious application after installing it yourself, run the Trojan will still happen, because in Android.BankBot.34.origin provides for automatic download when you switch the operating system.

After its initialization Android.BankBot.34.origin asks the victim access to the administrative functions of the mobile device, which to some extent allows a malicious application to make it difficult to uninstall. In addition, the Trojan deletes the created previously shortcut if running Android.BankBot.34.origin was made by the owner of a smartphone or tablet. The Trojan then launches directly to malicious activity.

In Fact, Android.BankBot.34.origin are able to implement on the infected Android device two attack scenario. The first scenario depends on the behavior of the user and is activated when he tries to run one of the interesting malicious applications. If the owner of the infected by the Trojan smartphone or tablet will launch a similar program for Android.BankBot.34.origin displays on top of its interface phishing dialog box with fields for entering personal information, such as username and password, phone number or credit card information.

For each of these applications, the Trojan very plausible simulates the appropriate request form, which indicates the desire of writers to cause the least possible suspicion from their victims. The second attack scenario, in contrast, does not depend on committed actions and occurs only in accordance with the instructions of the attackers coming from the remote host.

Due to the fact that Android.BankBot.34.origin capable unbeknownst to the owner of the infected mobile device to send and intercept SMS messages, cybercriminals can use this malicious program as a banking Trojan to steal money from the accounts of their victims by means of control SMS commands mobile banking.

Similarly, attackers can steal money from the mobile account users, using USSD commands and transferring a certain amount on your phone number. Herewith the list of attached mobile operators and credit institutions practically is not limited and depends on the current needs of the creators of malware. In particular, the greatest risk clients of those banks and payment systems that offer account management by means of SMS messages, as well as subscribers of mobile operators to provide mobile payments from the accounts of the phones.

Tags:
Android Trojan fraud
Source:
Oh My Gadget!
2784
Other NEWS
3 Jul 2020 safeum news imgage An encrypted messaging service has been infiltrated by police
4 May 2020 safeum news imgage Two-Factor Authentication ​What Is It and Why You Should Use It
12 Dec 2019 safeum news imgage Encryption is under threat - this is how it affects you
4 Nov 2019 safeum news imgage Should Big Decisions Be Based on Data or Your Intuition?
7 Jun 2018 safeum news imgage VPNFilter malware infecting 500,000 devices is worse than we thought
4 Jun 2018 safeum news imgage Hackers target Booking.com in criminal bid to steal hundreds of thousands from customers
1 Jun 2018 safeum news imgage Operator of World's Top Internet Hub Sues German Spy Agency
30 May 2018 safeum news imgage US says North Korea behind malware attacks
29 May 2018 safeum news imgage Facebook and Google targeted as first GDPR complaints filed
25 May 2018 safeum news imgage A new reason to not buy these cheap Android devices
24 May 2018 safeum news imgage Flaws in smart pet devices, apps could come back to bite owners
23 May 2018 safeum news imgage Google sued for 'clandestine tracking' of 4.4m UK iPhone users' browsing data
21 May 2018 safeum news imgage LocationSmart reportedly leaked phone location data onto the web
18 May 2018 safeum news imgage The SEC created its own scammy ICO to teach investors a lesson
17 May 2018 safeum news imgage Thieves suck millions out of Mexican banks in transfer heist
All news
SafeUM
Confidential Terms of Use Our technologies Company
Follow us
Download
SafeUM © Safe Universal Messenger

Axarhöfði 14,
110 Reykjavik, Iceland

Iceland - 2015