Security experts at�Dr. Web have warnedAndroid users to be careful from a new Trojanthat is stealing credit card details while making a transaction on Google Play store. It is currently targeting Russian users but a little bit of modification can let the criminals target people around the world.
The Trojan comes in the shape of a fake�Adobe Flash Player, once installed and run, it asks for�administrator privileges on the Android device after every 0.1 seconds. It does it by continuously irritating user to grant it the admin�privileges through a non-stop popup message. It will keep on asking until the user finally lets the Trojan take over the admin panel.
Dubbed as Android.BankBot.21, once the Trojan�gets access of�admin section; it checks if there is any active Google Play app window.�
�If one is present, the malware displays a standard credit card information form used to associate a credit card with an account,� the researchers note. �All the submitted information, such as the card number, expiration date and CVC code, and the address and phone number of the cardholder, is transmitted to the attackers� server.�
The BankBot Android Trojan also collects sensitive information from the infected device such as, credit card number, CVC number, its expiration date and user�s home address. It is also able to collect device specs such as list of installed apps, OS version, IMEI, and phone model and send it to the hacker.
Last but not the least, the BankBot Android Trojan can also take over the phone�s SMS function and send messages to any number at any time.�
We at HackRead�advise Android users to be careful of the fake flash player and don�t fall for tricks used by cyber criminals.