02 April 2015

Ransomware moves to the mobile - and it's after your banking data

17 June 2014  |  4414 views  |  0 mobile keypad

A Russian-spawned mobile Trojan which combines elements of both financial malware and ransomware is now attacking English language banking apps.

The emergence of the new threat comes as the two-week window for PC users to protect themselves from the infamous Cryptolocker ransomware and Gameover Zeus Trojan draws to a close, following an FBI-led effort to disrupt the criminal botnets running the operation.

The success of these two scams appears to have spawned a number of copycats among mobile malware writers, with Spyeng - a famous money stealing mobile Trojan in Russia - seen as the most potent.

First spotted in the wild last week by Kaspersky Labs, the Trojan initially searches the user's phone against a pre-set list of top US banking applications. Then it locks the screen of the mobile device with the imitation of an FBI penalty notification letter and demands $200 in the form of Green Dot's MoneyPak cards.

More than 91% of attacks are currently targeting English-language users based in US and UK, with India, Germany and Switzerland commanding the remaining nine per cent.

Roman Unuchek, senior malware analyst at Kaspersky Lab says it is impossible to repel an attack once the malware is uploaded.

"The only hope for unlocking the device is if it was already rooted before it was infected," he says. "Then it could be unlocked without deleting the data. One more option is to remove the Trojan, if your phone wasn't rooted is to boot into 'Safe Mode' and erase all data on the phone only, while SIM and SD cards will stay untouched and uninfected."

Comments: (0)

Comment on this story (membership required)
Log in to receive notifications when someone posts a comment

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board, sign up now.

Related blogs

Create a blog about this story (membership required)

Related stories

02 June, 2014
29 May, 2014
11 March, 2014
04 March, 2014
27 February, 2014
31 January, 2014
29 January, 2014
27 June, 2013
16 May, 2013
05 October, 2012
07 October, 2011
07 March, 2011
22 February, 2011
Your browser is unable to support Flash files.

Top topics

Most viewed Most shared
UK online banking fraud losses soar 48%
6220 views comments | 16 tweets | 19 linkedin
Future Money Focus: Mariano Belinky, Santa...
5916 views comments | 12 tweets | 12 linkedin
Apple Pay users running into checkout prob...
5362 views comments | 12 tweets | 15 linkedin
Swift London Business Forum to continue di...
4942 views comments | 5 tweets | 4 linkedin
Snapchat posts sees RBS investment bank he...
4864 views comments | 8 tweets | 3 linkedin

Featured job

To £130K + Bonuses
London based with substantial travel in the Region

Find your next job