Employees of the antivirus company Symantec has detected a new version of the dangerous banking Trojan for Android called Bankosy. According to them, this Android malware can be called the most cunning of all.
This version of the Trojan is almost not different from other rogue applications who steal banking information, with the exception of one detail. Like other banking Trojans, Android.Bankosy can infect the system and intercept login details of online banking and SMS codes confirming the transaction. However, the program is notable for the interception of voice calls.
Such service provide their clients with a number of banks – if desired, the user can choose how to receive the code via SMS or through voice call, where the numbers will dictate a synthesized voice. The majority of banking Trojans are not able to intercept such calls, but Andriod.Bankosy exception.
Infecting a smartphone, the Trojan can translate gadget to silent mode and enable call forwarding. Thus, the call is sent to the hackers. Until the user “Google phone” waiting for a call, data code already with the intruders.
In addition to the intercept calls “malware” is able without the user’s knowledge to activate the lock screen of your smartphone. This functionality is activated when it detects a call from the number Bank. Since the sound will be muted and the screen is locked, the victim learns about the call.
In Symantec noted that at the moment, the virus for Android is being actively used in Asian countries, where the redirection includes USSD request. The mere appearance of such a program, according to experts, suggests that the voice transfer codes can no longer be considered reliable.