Banking Trojan Taking Over Android Devices

Hi guys,

Android users are affected by Hundreds of different banking Trojans.

One of them are the Android.SmsSpy.88.origin, which was first spotted in 2014 but according to Doctor Web researchers the popularity rating is still high.

The Trojan has been improved with ransomware functions. Originally it was designed to intercept text messages, make phone calls, and steal credit card information as well as login credentials from online banking programmes.

The researchers said, “The Trojan is distributed under the guise of a benign application, for example, Adobe Flash Player. Once launched, the Trojan prompts the user to grant it administrator privileges. It then turns on the Wi-Fi module and checks every second whether a Wi-Fi or cellular connection has been established. If no connection is made, Android.SmsSpy.88.origin enables these communication channels once again,” afterwards, the Trojan mobile network operator, OS version, mobile device model and cell phone number in formation to the command and control server.

Trojan attacks were initially targeted on Russia and CIS countries, but in the beginning of this year more sophisticated versions of the Trojan were created to infect Android devices worldwide. Users in over 200 countries and at least 40,000 mobile devices have been affected; out of which Turkey accounts for 18.29% and India for 8.81%.

Doctor Web advises users to protect smartphones and tablets from the Trojan by:
• Using another mobile device for completing online banking transactions
• Setting a limit on cash withdrawal for online banking services
• Not following links received in dubious SMS messages
• Not downloading applications from unreliable resources
• Protecting the device with anti-virus software


Source: Akati

Comments are closed.