Are you using an Android device? Caution! Security researchers warn that the source code of an Android banking malware is posted online, along with information on how to use it by anyone.
Which means that Android users will soon face a growing number of attacks.
The security company Dr. The Web has discovered that the source code of an Android banking malware has leaked, adding that it can be distributed as a popular application or injected into APK files available on the internet or in third-party stores.
Malware is recognized as Android.BankBot.149.origin and tries to get administrator rights. Once you have full rights, malware removes the app icon from the home screen, trying to fool users into believing it was removed.
On the other hand, it remains active in the background, connecting to a command and control server waiting for commands. It can perform a lot functions, όπως αποστολή και λήψη μηνυμάτων SMS, theft locate devices, make calls, display phishing dialogs, and steal sensitive information such as bank details and credit card information.
“Like many other Android banking malware, Android.BankBot.149.origin steals confidential user information by monitoring online banking applications and payment system software. A sample examined by security researchers at Dr. Web checks over three dozen such programs. Once Android.BankBot.149.origin detects that any of the aforementioned apps are running, it loads the relevant phishing login screen to intercept the user's bank account credentials and code access" says the company.
Phishing login screens are available for many popular applications including Facebook, Instagram, WhatsApp and YouTube. For Google Play Store, the malware displays a phishing dialog similar to the one you see when making purchases on Google Play, asking for your credit card information.
In addition, it can intercept text messages, send them to the attacker, and then delete them from the phone, which is particularly dangerous in the case of notifications by the bank.
So be careful when downloading and installing APK files from third-party stores or through "friends."
