Password-stealing malware sneaks in Google Play store in bogus apps

A cybercrime group has sneaked apps onto the official Google Play Store which then serve up Trojan banking malware to Android users, security researchers have revealed.
Uncovered in June, the campaign delivered Anubis malware designed to steal login credentials for banking apps, e-wallets and payment cards. The payload was hidden in applications which claimed to offer services ranging from online shopping to live stock-market monitoring.
The Android malware campaign has been unearthed and detailed by researchers at IBM X-Force, who suggest the effort put into making the applications look legitimate indicates "a large investment of resources on the part of the campaign's operator".
The malware seeemingly takes its name from Anubis, the Ancient Egyptian God of the dead.
As with other forms of Android malware uncovered in the Google Play app store, the malicious intent of Anubis is hidden away, with the payload only being delivered after the application is installed and in contact with a command-and-control server. Such is the stealthy nature of the malicious downloader, researchers say it isn't detected by antivirus software.
The developers of the malware are regularly altering the capabilities of the malware and will slightly alter the code to ensure that it isn't detected by Google Play's security controls. The regular updates are another sign which points to the malware being the work of a well-resourced criminal group.
Once BankBot Anubis has been delivered to the device the malware masquerades as an app called "Google Protect" which asks for accessibility rights. The malware authors are ultimately hoping that users will see the name Google on the display and inherently trust that the request is legitimate.
However, this is not the case and by granting accessibility rights, the malware is given permission to perform keylogging for the purposes of stealing infected user's credentials when they use a banking app or payment site. Anubis can also take screenshots of the user's display.
The campaign examined appears to specifically target Turkish users, but the configurations within Anubis show that it can be used to steal from users in countries around the world, including the US, UK, Australia, Israel, Japan and many more.
"Our research team suspects a cybercrime group operating in Turkey is behind this particular BankBot Anubis campaign. The downloaders themselves can also potentially be a cybercrime service offering distribution via Google Play," Limor Kessem, executive security advisor at IBM Security told ZDNet
It's thought that at least 10,000 people downloaded the malicious downloaders - although it's unknown how many of those have subsequently been infected with the malware.
IBM X-Force states that the malicious apps have been reported to Google for removal. ZDNet contacted Google, but hadn't received a reply at the time of writing.
Smartphones remain a popular target for cyber criminals because of the sheer amount of data they hold. In order to avoid falling victim to malware, users should only download trusted applications and should be mindful of what permissions the apps are requesting.

Views: 47

©ictnews.az. All rights reserved.

Facebook Google Favorites.Live BobrDobr Delicious Twitter Propeller Diigo Yahoo Memori MoeMesto

18 July 2018

‘Part coat, part science experiment,’ a jacket made of graphene is on the way

It seems there is no end to the uses of graphene, the material that promises to revolutionize the world

Communist-run Cuba starts rolling out internet on mobile phones

Communist-run Cuba has started providing internet on the mobile phones of select users as 

Elon Musk, DeepMind founders, and others sign pledge to not develop lethal AI weapon systems

Tech leaders, including Elon Musk and the three co-founders of Google’s AI subsidiary DeepMind

Microsoft To Discontinue Windows 10 Delta Updates

Microsoft plans to end distribution of its monthly Windows 10 "delta updates" starting Feb. 12, 2019, the company announced this week

Buried Internet infrastructure at risk as sea levels rise

Thousands of miles of buried fiber optic cable in densely populated coastal regions of the United States may soon be inundated by rising seas, accordi

Samsung introduced 8Gb LPDDR5 chip to power future 5G and AI phones

Samsung will help shove artificial intelligence (AI) tech into more smartphones with its newly-minted 8-gigabit LPDDR5 DRAM chip

AI will create as many jobs as it displaces - report

Artificial Intelligence (AI) will create as many jobs in the UK as it will displace over the next 20 years, a report has said

Minister of Transport, Communications and High Technologies to receive citizens in Gakh

Minister of Transport, Communications and High Technologies Ramin Guluzade will receive citizens in Gakh city

17 07 2018

Armani announces next generation Connected Wear OS smartwatch

Fashion brand Emporio Armani announced the Emporio Armani Connected 2018

Global Shipments of 3D Sensing Smartphones Predicted to Reach 100 Million Units This Year

Global shipments of 3D sensing smartphones are expected to reach over 100 million units in 2018

Huawei Super Charge next-generation 40W fast charging technology surfaces online

Huawei Super Charge next-generation 40W fast charging technology surfaces online

This six-legged robot flowerpot is your house plant’s new bestie

The Vincross Hexa is an agile six-legged robot primarily for learning and exploring robotics

Army Is Teaching AI Robots the Team Concept

As far as the Department of Defense is concerned, artificial intelligence is a team game, particularly where robots are concerned.

Skype Finally Gets A Call Recording Feature

You’d think that call recording would be one of the basic features that Skype would offer but that’s not the case. 

UK selects Scottish site for first spaceport

The UK has selected the site for its first ever spaceport