The iBanking είναι ένα banking Trojan που έρχεται μεταμφιεσμένο σε μια εφαρμογή ασφαλείας για συσκευές Android. Το Trojan διανέμεται μέσω attacks HTML injection.
Recently, the source code of the Trojan was leaked online through an underground forum, which gave an opportunity to many cybercriminals to launch attacks using this malware.
The iBanking malware, once installed on a victim's phone, can spy on the user's communications. The bot allows an attacker to send fake SMS, redirect calls to any predefined phone number, record sounds using the device's microphone and steal other sensitive data such as call history and phonebook contacts.
According to a new report by its security researchers ESET, iBanking Trojan (Android / Spy.Agent.AF) is targeting Facebook users to trick them into downloading malware.
Malware uses an attack method JavaScript web injection to create a fake Facebook verification page and trick social network users like the one shown below:
False verification page prompts users to enter their mobile number to verify the authenticity of their Facebook account and then shows the following page if the victim's mobile is running Android.
The next fake page asks the victim to download an Android app from a QR code or by using an SMS if for some reason he is unable to download it. Once downloaded and installed, the malware connects to the administration server and control which allows attackers to give it commands to execute on any infected device.
Since many banking sites use two-factor authentication and transaction licensing systems to avoid various threats, criminals began to develop malware such as iBanking to bypass two-factor authentication.
The iBanking Trojan can be used in conjunction with any malware to do injection malicious code on a web page and is generally used to redirect the incoming SMS messages of the infected device.
It is always important to download third-party applications only from trusted sources. You can do this simply by setting the menu / Applications / and turning off "unknown sources".