Quick Heal reports malware that targets 232 bank apps worldwide
05 January 2018
A blog by Quick Heal reported about a malware on Android that targets apps of 232 banks worldwide, including a number of banks in India.
The malware Android.banker.A2f8a, can steal personal data, intercept SMS messages, which contain OTPs, steal contacts, and is known for carrying out malicious activities using banking apps.
In India, Quick Heal identified the list of banks whose apps are being targeted by Android.banker.A2f8a, which include mobile banking apps of Axis Bank, HDFC Bank (regular and LITE versions), SBI Anywhere Personal, iMobile by ICICI Bank, IDBI Bank (Go Mobile and Go Mobile+) and Union Bank.
The list also includes mobile passbook apps such as IDBI Bank mPassbook and Baroda mPassbook.
The Android Banking Trojan forms part of a fake Flash Player on third-party stores.
The fake app asks users for administrative rights immediately after setup and even if a user initially denies admin access, the app continues to show pop-up windows until the user accepts.
When the app gets admin rights, it hides its icon and seeks financial apps.
The malware has been found searching 232 apps, related to banking and cryptocurrency services, according to the Quick Heal blogpost.