Technology by Design

Technology news, reviews, and how to keep your technology running fast and smooth!

ALERT: Evil Android Trojan Empties Your Bank Account

by Leave a Comment

Mobile Device Trojan

ALERT:  Evil Android Trojan Empties Your Bank Account

The FBI has identified 2 versions of malware for Android (SlemBunk and Marcher) actively phishing for financial institutions’ customer credentials.  According to cyber threat security reports, both types of malware have targeted foreign financial institutions since 2014, gradually broadening the list to include Western banks, and offered the malware for lease or purchase in underground forums.

SlemBunk apps often masquerade as common, popular applications, and stay incognito after running the 1st time.  They have the ability to phish for, and harvest, authentication credentials when specified banking and other similar apps are launched.  Slembunk currently spoofs the apps of 31 banks across the globe – some of which are among the biggest banks in the world – as well as users of 2 popular mobile payment service provider apps.

Online Banking Login

Users will only get infected if the malware is accidentally downloaded from a malicious website, the new version of the malware being distributed by porn websites.  Users who visit these sites are incessantly prompted to download Adobe Flash update to view the porn, and doing so, downloads the malware.  

When the app is launched for the 1st time, it activates the registered receiver, which subsequently starts the monitoring service in the background.  On the surface, it pops up a fake UI claiming to be Adobe Flash Player, or whatever it was advertised as being, and requests to be the device admin.  Upon being granted admin privileges, it removes the fake icon from the device, and the malware monitors the infected phone for the launch of a targeted mobile banking app.  When a mobile banking/payment app is launched, the malware injects a phishing overlay over the legitimate banking/payment app’s user interface (aka login screen).  The malware then uses the fake login screen to steal the victim’s banking credentials.

How to Avoid Mobile Device Malware:
  1. If you receive a pop-up telling you that you need to download Adobe Flash or any other software, whether you’re on your desktop or on your mobile device, go directly to the Adobe website or the app store (type it in the address bar), and download it from there.
  2. Keep Android devices updated.
You can’t stop CyberCriminals from targeting your company or employees.
But you can be prepared for their arrival, and have full shields up.

Got CyberBugs?

Call 1-204-800-3166

For Cyber-Extermination!

#itthatworks

Leave a Reply

Your email address will not be published. Required fields are marked *