Marcher: Android trojan steals Facebook, Skype & Gmail accounts

The Android trojan known as Marcher is released with a new update. Its new version allows it to display bogus login pages to steal credentials from various popular Android apps.

Android Marcher has appeared on the mobile malware scene in 2013 and originally had the ability to display a fake screen at the top of the Google Play Store app when the was starting the application.Android 1

This screen asked the user to enter their credit card details, which the sent them to a C&C (command and control) server.

Later in 2014, fraudsters added a new feature to phish bank credentials, mostly from financial institutions in Australia, France, Germany, and the USA.

The latest update discovered by security firm Zscaler appears to add more in the trojan.

This time, the malware developer focused on popular Android apps.

So the new updated Marcher can collect login credentials by showing the corresponding fake login page every time the user starts one of the apps: WhatsApp, Viber, Skype, , Facebook Messenger, Instagram, Twitter, Gmail, Line, UC Browser, Chrome, and Play Store.

Όλα τα δεδομένα αποστέλλονται σε έναν online server που βρίσκεται στον έλεγχο του απατεώνα. Στο παρελθόν αυτά τα δεδομένα μεταδίδονταν σε μορφή απλού κείμενου μέσω , η τελευταία έκδοση του Marcher τα αποστέλλει κρυπτογραφημένα χρησιμοποιώντας SSL.

How to protect yourself? Try to avoid installing applications outside the Play Store.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by Dimitris

Dimitris hates on Mondays .....

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).