Dangerous Malware steals credit card information from Android devices

Security experts at�Dr. Web have warnedAndroid users to be careful from a new Trojanthat is stealing credit card details while making a transaction on Google Play store. It is currently targeting Russian users but a little bit of modification can let the criminals target people around the world.

The Trojan comes in the shape of a fake�Adobe Flash Player, once installed and run, it asks for�administrator privileges on the Android device after every 0.1 seconds. It does it by continuously irritating user to grant it the admin�privileges through a non-stop popup message. It will keep on asking until the user finally lets the Trojan take over the admin panel.

dangerous-trojan-steals-credit-card-information-from-android-devices

Dubbed as Android.BankBot.21, once the Trojan�gets access of�admin section; it checks if there is any active Google Play app window.�

�If one is present, the malware displays a standard credit card information form used to associate a credit card with an account,� the researchers note. �All the submitted information, such as the card number, expiration date and CVC code, and the address and phone number of the cardholder, is transmitted to the attackers� server.�

dangerous-trojan-steals-credit-card-information-from-android-devices-2
The BankBot Android Trojan also collects sensitive information from the infected device such as, credit card number, CVC number, its expiration date and user�s home address. It is also able to collect device specs such as list of installed apps, OS version, IMEI, and phone model and send it to the hacker.

dangerous-trojan-steals-credit-card-information-from-android-devices-4

Last but not the least, the BankBot Android Trojan can also take over the phone�s SMS function and send messages to any number at any time.�

We at HackRead�advise Android users to be careful of the fake flash player and don�t fall for tricks used by cyber criminals.

Waqas

Waqas Amir is a Milan-based cybersecurity journalist with a passion for covering latest happenings in cyber security and tech world. In addition to being the founder of this website, Waqas is also into gaming, reading and investigative journalism.