facebook webinject

iBanking Trojan bypasses two-factor authentication and runs free

The iBanking είναι ένα banking Trojan που έρχεται μεταμφιεσμένο σε μια εφαρμογή for Android devices. The Trojan is distributed through attacks .

facebook-webinject

Recently, Trojan's source code has leaked online through an underground forum, which has allowed too many cybercriminals to launch attacks using this malware.

The iBanking malware, once installed on a victim's phone, can spy on the user's communications. The επιτρέπει σε έναν εισβολέα να στείλει ψεύτικα SMS, να ανακατευθύνει τις κλήσεις προς οποιοδήποτε προκαθορισμένο αριθμό τηλεφώνου, να καταγράψει ήχους χρησιμοποιώντας το μικρόφωνο της συσκευής και να κλέψει άλλα ευαίσθητα δεδομένα, όπως το ιστορικό κλήσεων και τις επαφές του τηλεφωνικού καταλόγου.

According to a new report by its security researchers ESET, the iBanking Trojan (Android/Spy.Agent.AF) targets its users to trick them into downloading malware.

Malware uses an attack method   to create a fake Facebook verification page and trick social network users like the one shown below:

iBanking-facebook-malware
False verification page prompts users to enter their mobile number to verify the authenticity of their Facebook account and then shows the following page if the victim's mobile is running Android.

iBanking-facebook-malware 1
The next fake page asks the victim to download an Android application from a QR code or using an SMS if for some reason he can not download it. Once downloaded and installed, the malware connects to the administration and control server which allows attackers to give it commands to execute on any infected device.
Since many banking sites use checking of two-factor and transaction authorization systems, in order to avoid various threats, criminals started developing malware such as iBanking to bypass two-factor authentication.

The iBanking Trojan can be used in conjunction with any malware to do malicious code on a web page and is generally used to redirect the incoming SMS messages of the infected device.

Είναι πάντα σημαντικό να κατεβάζετε εφαρμογές τρίτων μόνο από αξιόπιστες πηγές. Αυτό μπορείτε να το διασφαλίσετε απλά από το Ρυθμίσεις/ Εφαρμογές / και να απενεργοποιήσετε το “άγνωστες πηγές.”

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).