Banking apps targeted by newly found Android malware – 

Read Full Hacking News: Four of Australia’s largest banks customers are being targeted by a sophisticated Android attack which has so far managed to remove two-factor authentication system and can steal banking details.Lets Read Android Malware Steal Bank Details\

Android Malware Steal Bank Details
Android Malware Steal Bank Details

Eset SECURITY RESEARCHERS Have Discovered an Android MALWARE Targeting Banking Custmoers in AUSTRALIA — This MALWARE Alos BYPASSES the two-factor AUTHENTICATION SYSTEM

The four big banks involved are the Commonwealth Bank, National Australia Bank, Westpac and the ANZ Bank. These banks’ millions of customers have been put at risk by the malware which infects devices and hides from the user, waiting for the moment when a user opens the banking apps.

Millions of customers using applications from Commonwealth Bank, Westpac, National Australia Bank and ANZ Bank are all at risk of the malware, known as Android/Spy.Agent.SI.

ESET has released a report which describes the malware. The malware has been dubbed as Android/Spy.Agent.SI and is able to steal login details by locking down a phone when you try to enter a bank’s app. From there, it will display a fake login screen for the bank and won’t let users leave that until they type in 9 the details.

Also Read: “Hack The Pentagon Security”- US Government Challenge Hackers

This allows hackers to use the stolen credentials and log into a victim’s account of the and transfer money out of it.

Unfortunately, the malware also has a self-defence mechanism that stops users from uninstalling the banking app from the infected device. In addition to stealing the login details of customers, the hackers can also intercept verification text messages sent to the device, allowing them to thwart extra security measures put in place by the banks.

With this unique code, the hackers can log in to an account easily and transfer money.
The malware even deletes all details of the attempted login from the device.

“This allows SMS-based two-factor authentication of fraudulent transactions to be bypassed, without raising the suspicions of the device’s owner,” ESET malware researcher Lukas Stefanko said in a statement.

Also Read: Ex-Anonymous & Ex military member discusses involvement with Global Hacktivist group

According to ESET, the malware is the brain child of sophisticated hackers and developed over a long period of time.

“This is a significant attack on the banking sector in Australia and New Zealand, and shouldn’t be taken lightly,” Nick FitzGerald, senior research fellow at ESET, said, as reported by The Sydney Morning Herald.

“While 20 banking apps have been targeted so far, there’s a high possibility the e-criminals involved will further develop this malware to attack more banking apps in the future.”

Mr Stefanko said, “The attack has been massive and it can be easily refocused to any other set of target banks.

Also Read: Hackers Hack 100$ Million From Bangladesh New York Field Bank

BankWest, Bendigo Bank, St George Bank, Bank of New Zealand, Wells Fargo and Kiwibank are also among the list of vulnerable banks.

By imitating the Adobe Flash Player application, the malware gets an entry into any Android device.

Android devices infected with the malware will display ‘Flash Player’ in the list of device administrators. You can go to the Settings > Security > Device Administrators menu to check.

If users attempt to remove ‘Flash Player’ from the list, an alert warning will pop up saying that data may be lost, but it is safe to press ‘OK’. Once the device administrator rights are disabled, the malware can be uninstalled. Go to Settings > Apps/Application manager > Flash Player > Uninstall.

6 COMMENTS

  1. Oh my goodness! Amazing article dude! Thank you so much, However I am experiencing
    troubles with your RSS. I don’t understand the reason why I am unable to subscribe to it.
    Is there anyone else getting identical RSS issues?
    Anybody who knows the answer can you kindly respond?
    Thanks!!

    • Thanks Bro. And there was no RSS error Bro. Its completely working. When you enter you email. then we are sent you a verification mail in your inbox > open it and verify and enjoy !

  2. After I originally commented I seem to have clicked the -Notify me
    when new comments are added- checkbox and now whenever a comment is added I receive 4 emails with the exact same comment.
    There has to be an easy method you are able to remove
    me from that service? Many thanks!

  3. I like the helpful info you provide in your articles.
    I will bookmark your blog and check again here frequently.
    I am quite sure I will learn a lot of new stuff right here!
    Good luck for the next!

  4. Actually instructive and excellent structure of content material material , now thats user friendly (:.

Comments are closed.