Sign Me Up For
The Free Assessment

 

Kaspersky Lab Found New Malware Which Targets Android Banking Apps

The new malicious software sidesteps security features on Android version 6.

This malicious software circumvents Android’s version 6 allowing criminals to infiltrate banking apps which in turn let them steal information like credit card details and the like.

Kaspersky Lab constantly keeps track of all cyberthreats. This malware that we are discussing today targets to steal a phone user’s details by creating an overlay screen on authentic mobile apps  and Google Play store app. The version 6 released 2015 was designed and aimed to block said attacks.

Google’s Android has dominated 80% of the global market of mobile operating system.

Google’s spokesperson announced Wednesday that they are aware of the issue. They have been taking steps to patch up this vulnerability. They appreciate Kaspersky’s research specially their efforts to keep Android users safe.

The said trojan malware appears to be a legitimate software. In turn Kaspersky said that its discovery represents a modification of the trojan malware called Gugi. This malware has been attacking all versions of the Androis OS.

The modified Gugi malware has been detected last june, after the malware family has been detected. Kaspersky announced the new malware type last Tuesday in their blog.

The Wall Street Journal reported last month that similar malware are out there which opens banking apps from their mobile phones.

Going back to the Gugi malware, it has been determined that it infects via text message wherein which if the user clicks on the link, they get infected.

It mainly steals text-message access since many banks send text message as a secondary layer of transaction authentication.

Kaspersky said the malware essentially tricks the user by installing a message that says “additional rights needed to work with graphics and windows.” The user is only given one option: to click on a button that says “provide.”

The malware then goes through additional steps in which it receives more of the user’s information.

Then comes the nasty part, the device will be blocked if it does not receive all the information it needs. Which in turn forces the user to go through the
difficult process of removing the infection.

Although most Gugi attacks have been targeting Russia, US is among the other countries affected by the malware threat.

“Cybercriminals are relentless in their attempts to find ways around this, and the security industry is equally busy making sure they don’t succeed,” said Roman Unucheck, a senior malware analyst at Kaspersky.

Written by

No Comments Yet.

Leave a Reply

Message

[contact-form-7 id="5555" title="Mobile Form"]