22 August 2017
visit www.avoka.com

Android malware targets bank and social media apps

04 November 2016  |  13912 views  |  1 Man holding smartphone

Cybersecurity experts are warning about new Android malware that can steal the login credentials from 94 different mobile banking apps around the world.

The malware masquerades as a Flash Player app that, once installed, appears in a phone launcher, says Fortinet. If a phone owner launches the app they see a fake Google Play screen asking for permissions that grant the malware administrator rights.

Then, when a banking app is opened, the malware creates a fake overlay, tricking victims into entering their login credentials. Among the bank apps being targeted are those of NAB, ING Direct and Citi, as well as PayPal.

In addition, the malware is also taking aim at social media apps. When users launch Facebook, Whatsapp, Snapchat, Twitter, Instagram and more, they are faced with a screen overlay asking for payment card details.

Meanwhile, due to its ability to intercept SMS communications, the malware is also able to bypass SMS-based two-factor authentication.

Fortinet says users can disable the device administrator rights through their phone settings and then uninstall the fake Flash Player.
KeywordsSOCIAL MEDIA

Comments: (1)

A Finextra member
A Finextra member | 07 November, 2016, 09:38

Would it not be useful if this story gave some examples of what the software might be called, so that we can look out for it?

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Indian banks hit by massive ATM breach

Indian banks hit by massive ATM breach

20 October 2016  |  10149 views  |  2 comments | 17 tweets | 25 linkedin
Security experts warn of new breed of bank malware

Security experts warn of new breed of bank malware

09 February 2016  |  12545 views  |  0 comments | 9 tweets | 20 linkedin
Mobile banking consumers in Singapore warned of malware threat

Mobile banking consumers in Singapore warned of malware threat

01 December 2015  |  4466 views  |  0 comments | 5 tweets | 1 linkedin
Russian cops nab alleged Nazi Android malware gang members

Russian cops nab alleged Nazi Android malware gang members

13 April 2015  |  4053 views  |  0 comments | 4 tweets | 6 linkedin
11% of Android banking apps 'suspicious' - RiskIQ

11% of Android banking apps 'suspicious' - RiskIQ

22 January 2015  |  7459 views  |  0 comments | 23 tweets | 14 linkedin

Related blogs

Create a blog about this story (membership required)
download the paper nowvisit www.abe-eba.euvisit www.niceactimize.com

Who is commenting?

A Finextra member Finextra Member Commented on: Real-time payments in...
A Finextra member Finextra Member Commented on: Barclays uses sensors...

Top topics

Most viewed Most shared
Mobile contactless spending accelerating in UKMobile contactless spending accelerating i...
11680 views comments | 26 tweets | 23 linkedin
Barclays pairs banking data with third party apps for SmartBusiness DashboardBarclays pairs banking data with third par...
10053 views comments | 22 tweets | 31 linkedin
hands typing furiouslyWhy Is Risk Analytics Important?
9736 views 0 | 5 tweets | 1 linkedin
Norwegian banks and startups form fintech clusterNorwegian banks and startups form fintech...
9451 views comments | 19 tweets | 23 linkedin
RBS to bring Silicon Valley to EdinburghRBS to bring Silicon Valley to Edinburgh
9432 views comments | 10 tweets | 8 linkedin

Featured job

Competitive
New York, NY - USA (some flexibility on location)

Find your next job