“Doctor Web” announced that the expected increase in the number of attacks banking Trojans for Android users. According to experts, the attackers laid out in open access source code and instructions for the use of banking malware that aims to “phones”. This can lead to a sharp increase in the number of malware attacking Android users.
Modern banking Trojans for the mobile platform Google created by virus writers and a lot of money are sold as commercial products using clandestine Internet sites. Recently on one of the hacker forums in free access were the original code of one of these malicious applications along with instructions for its use.
The Malware Android.BankBot.149.origin is disguised as a harmless application. Once started, it requests access to the administrator functions of the mobile device in order to complicate their removal. Then he hides from the user, removing its icon from the home screen.
BankBot steals users ‘ confidential information by tracking running applications “client-Bank” and to work with payment systems. Once BankBot detects that one such application starts, it loads a control server corresponding to phishing in the form of a login and password to access the account of the Bank and shows it on top of the attacked application.
In addition, the Trojan attempts to steal information about the credit card of the owner of the infected gadget. To do this, the malware monitors the run popular apps like Facebook, Viber, Youtube, Messenger, WhatsApp, Uber, Snapchat, WeChat, imo, Instagram, Twitter and the Play store, and shows them on top of the phishing settings window of the payment service of Google Play. The result of the presence of BankBot in the system may be losing serious amounts of money.
It is noteworthy that when you receive a SMS, the Trojan disables all audible and vibrating alerts, sends the contents of the messages to attackers and trying to remove the intercepted SMS messages from the Inbox. As a result, the user can not only receive notifications from credit institutions with information about unexpected operations.
Because cyber criminals have created it using available to any interested person information, experts expect a big wave of similar Trojans.