Android.banker.A2f8a has its ways to find details other than the banking app. The trojan is able to get details out of SMSes, disclose location details and even hijack contact lists.
On Thursday, IT security firm Quick Heal’s Security Labs made a stir among the people who use banking app on their smartphones. Quick Heal alerted that an Android Banking Trojan has surfaced that can imitate more than 232 mobile apps. Some of the apps that can be targetted by the Trojan include Indian banking apps like SBI, HDFC, ICICI, IDBI and Axis, among others. An Android Banking Trojan is a malicious program, designed especially for Android devices, which makes an attempt to get confidential information about customers using online banking and payment systems.
The malware known as “Android.banker.A2f8a” is being distributed through a fake Flash Player app on third-party stores. The malicious app was previously detected as Android.banker.A9480. Android.banker.A2f8a has its ways to find details other than the banking app. The trojan is able to get details out of SMSes, disclose location details and even hijack contact lists. It should be noted by the consumers with banking apps on their Android devices that after Android 4.1, the use of Adobe Flash Player on the banking apps has been discontinued. Even on Google Play Store, there is no Adobe Flash Player app available.
Quick Heal said that the malware keeps on popping up even after the administrative rights are declined. If the malicious app finds its way into your phone, it will keep on checking the listed 232 apps. Once any of the targeted apps are found on the device, a fake notification is sent which asks users for their login credentials.
Sanjay Katkar, Joint MD and CTO of Quick Heal Technologies said, “Users are advised not to download apps from third-party app stores or links provided in SMSs and emails. This will ensure that their credentials are safe.” He further added, “We also advised to keep device OS and mobile security app up-to-date.”
Here are some of the top mobile banking apps that are affected by the Trojan:
axis.mobile (Axis Mobile)
snapwork.hdfc (HDFC Bank MobileBanking)
sbi.SBIFreedomPlus (SBI Anywhere Personal)
hdfcquickbank (HDFC Bank MobileBanking LITE)
csam.icici.bank.imobile (iMobile by ICICI Bank)
snapwork.IDBI (IDBI Bank GO Mobile+)
idbibank.abhay_card (Abhay by IDBI Bank Ltd)
com.idbi (IDBI Bank GO Mobile)
idbi.mpassbook (IDBI Bank mPassbook)
co.bankofbaroda.mpassbook (Baroda mPassbook)
unionbank.ecommerce.mobile.android (Union Bank Mobile Banking)
unionbank.ecommerce.mobile.commercial.legacy (Union Bank Commercial Clients)