Android Banking Trojan Targeting Apps of HDFC, ICICI and Axis
Global IT security firm Quick Heal’s Security Labs on Thursday announced it has spotted an Android Banking Trojan that imitates more than 232 mobile apps, including those offered by Indian banks like SBI, HDFC, ICICI, IDBI and Axis, among others.
According to the researchers, the malware known as “Android.banker.A2f8a” is being distributed through a fake Flash Player app on third-party stores. Once a targeted app is found on the device, the app shows fake notifications disguised as coming from the targeted app and asks users to log in with their credentials and ultimately tricks them into stealing their login ID and password.
Sanjay Katkar, Joint Managing Director and Chief Technology Officer, Quick Heal Technologies Limited commented on the same and said, “Users are advised to avoid downloading apps from third party app stores or links provided in SMSs and emails to keep their credentials safe. It is strongly advised to keep device OS and mobile security app up-to-date.”
The extent of data collection by Android.banker.A2f8a isn’t limited to details on the banking app. Quick Heal states that the trojan is able to hijack SMSes, disclose location details and hijack contact lists, which it uploads to malicious servers.
Adobe Flash player has been discontinued after Android 4.1 and there’s no app on the Google Play Store. Adobe has also announced that it will stop updating and distributing Flash player for all formats of browsers, where it currently operates, by the end of 2020.
To stay away from this malicious attack, you should not install any flash player application, especially the ones with Adobe name. The flash player size is reportedly said to be 115KB. Also, Quick Heal noted that their security application detects this malware and alerts the user if any.