Are you using an Android device? Caution! Security researchers warn that the source code of an Android banking malware is posted online, along with information on how to use it by anyone.
Which means that Android users will soon face a growing number of attacks.
The security company Dr. Web has discovered that the source code of an Android banking malware has been leaked, adding that it can be distributed as a popular app or injected into archives APKs available online or in third-party stores.
Malware is recognized as Android.BankBot.149.origin and tries to get administrator rights. Once you have full rights, malware removes the app icon from the home screen, trying to fool users into believing it was removed.
On the other hand, it remains active in the background, και συνδέεται με ένα διακομιστή διοίκησης και ελέγχου περιμένοντας εντολές. Μπορεί να εκτελέσει ένα σωρό λειτουργίες, όπως αποστολή και λήψη messages SMS, steal contacts, locate devices, make calls, display phishing dialogs, and steal sensitive information such as bank and credit card details.
"Like many other Android banking malware, Android.BankBot.149.origin steals confidential user information by monitoring online banking applications and payment system software. A sample tested by Dr.'s safety researchers Web controls over three dozen such programs. "Once Android.BankBot.149.origin detects that any of the aforementioned applications are working, it loads the relevant phishing login screen to steal the user account login details and password," the company said.
Phishing input screens are available for many popular apps including Facebook, Instagram, WhatsApp, and YouTube. For the Google Play Store, malicious software displays a phishing dialogue similar to what appears when you make purchases on Google Play by requesting your credit card information.
In addition, it can intercept text messages, send them to the attacker, and then delete them from the phone, which is particularly dangerous in the case of notifications by the bank.
So be careful when downloading and installation APK files from third-party stores or through “friends.”
