Beware Android Users:Two Android malware has been detected that is stealing financial data
Quick Heal-the global IT security firm warned on 12 june, about the two new Android Banking trojan threats that are using sophisticated ways to get access to the Android phones. The viruses are good at exploiting mobile users in India and steal their confidential data.
The two new Banking Trojan Malware detected by the Security experts at Quick Heal Security Labs are named as “Android.Marcher.C” and “Android.Asacub.T“.
The Trojans tricks users by its sophisticated ways like popping up as notifications from legitimate social media platforms like — Facebook, WhatsApp, Skype, Instagram and Twitter. It can even mislead the Android users by imitating to be any legitimate banking apps.
Once in, it gains administrative access to the incoming messages and even allows the hackers to access the device through bypassing the two-factor authentication OTP. This security feature is used for making secure online transactions.
Sanjay Katkar, Co-founder and CTO, Quick Heal Technologies Limited said–
“Indian users often download unverified apps from third-party app stores and links sent through SMS and email. This gives hackers a lucrative opportunity to steal confidential information from unsuspecting users.”
He also added–
“The fact that we’ve detected three similar malware in less than six months indicates that hackers are now targeting mobile users, who are far more vulnerable to sophisticated phishing attacks.”
The “Android.Marcher.C” Malware imitates to be a “Adobe Flash Player” and uses its icon to appear to be genuine to users. While “Android.Asacub.T” may appear to you are as an “Android Update” icon.
All the vital information like banking credentials, card details, and login IDs/passwords are saved onto the database of the Malware without user’s consent. Till the Malware is present, the users will be tricked and misled by the malicious apps.
Tips to be avoid Malware attacks on your Android Device
- Android users are always advised to only download apps from Google Play Store rather than depending upon third-party app stores for downloads.
- Avoid clicking on any unknown/suspicious link provided within the SMS or email.
- Always keep the ‘Unknown Sources’ option disabled. This will prevent installation of apps from third-party links.
To disable this…Open settings menu–Security–Unknown sources(make sure the toggle button next to it is off).
- Do not download unnecessary apps and verify it before giving permissions.
- Keep the Google Play Protect service always ‘ON‘
- Keep an updated mobile security application to quickly detect any suspicious activity on your device.