Date:29/11/17
Malware infected torch apps are being used to infiltrate banking apps and steal money from unsuspecting Android users, cybersecurity experts have warned.
A report claims that "thousands of Android users" have had their devices infected after downloading free torch or gaming apps through Google Play.
Experts from ESET, Avast and SfyLab have dubbed the malware BankBot and warned devices are being infected around the world.
Once downloaded the apps monitor users, collect their bank login details and steal their money.
Google removed older versions of the apps within days, but some revisions remained active until November 17 infecting thousands, the report's authors have claimed.
The apps are hiding from Google checks by publishing under different developer names and postponing attacks on a device.
The malware was first seen hidden within apps including, Lamp for DarkNess, Tornado FlashLight and Sea FlashLight in October, the report says.
In a revised attack the malware was embedded in a Solitaire gaming app and smartphone cleaning app.
After the phone owner grants the app permissions it identifies banking apps and creates an overlay that appears when the user goes to log on, storing the information.
The sophisticated attack can also break through two-factor authentication intercepting text messages to gain access to your banking app.
The report warns people not to download apps with few or poor ratings, and to uninstall banking apps and contact banks if you notice anything suspicious.
Android users being robbed by Malware infected flashlight apps
Malware infected torch apps are being used to infiltrate banking apps and steal money from unsuspecting Android users, cybersecurity experts have warned.A report claims that "thousands of Android users" have had their devices infected after downloading free torch or gaming apps through Google Play.
Experts from ESET, Avast and SfyLab have dubbed the malware BankBot and warned devices are being infected around the world.
Once downloaded the apps monitor users, collect their bank login details and steal their money.
Google removed older versions of the apps within days, but some revisions remained active until November 17 infecting thousands, the report's authors have claimed.
The apps are hiding from Google checks by publishing under different developer names and postponing attacks on a device.
The malware was first seen hidden within apps including, Lamp for DarkNess, Tornado FlashLight and Sea FlashLight in October, the report says.
In a revised attack the malware was embedded in a Solitaire gaming app and smartphone cleaning app.
After the phone owner grants the app permissions it identifies banking apps and creates an overlay that appears when the user goes to log on, storing the information.
The sophisticated attack can also break through two-factor authentication intercepting text messages to gain access to your banking app.
The report warns people not to download apps with few or poor ratings, and to uninstall banking apps and contact banks if you notice anything suspicious.
Views: 417
©ictnews.az. All rights reserved.
Similar news
- Cellphone Use May Raise Cancer Risk
- Australian police pushes cyber safety education
- Vietnam aims to lead in e-government
- Senate Website Gets Hacked
- US builds net for cyber war games
- Japan enacts anti-computer virus law
- India passes law vs e-waste
- Anonymous Declares War On The City Of Orlando
- Microsoft highlights evolving dangers as online identity data proliferates
- Consumers want internet security to be provided by banks
- Government facilities targets of cyber attack
- South Korean web attacks might been war drill
- Sri Lanka to Establish National Passport Database to Increase Border Security
- Hi-tech crime agencies set to employ information security professionals
- Phone hacking and online campaign bring down the News of the World
