• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • April 23rd, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Cyber Crime
Phishing Scam

Newly Found Malware can steal bank details on Android phones

March 11th, 2016 Ali Raza Cyber Attacks, Phishing Scam 0 comments
Newly Found Malware can steal bank details on Android phones
Share on FacebookShare on Twitter
ESET security researchers have discovered an Android malware targeting banking customers in Australia — The malware also bypasses the two-factor authentication system

Four of Australia’s largest banks customers are being targeted by a sophisticated Android attack which has so far managed to remove two-factor authentication system and can steal banking details.

The four big banks involved are the Commonwealth Bank, National Australia Bank, Westpac and the ANZ Bank. These banks’ millions of customers have been put at risk by the malware which infects devices and hides from the user, waiting for the moment when a user opens the banking apps.

The flaw then puts a fake login screen on the phone and uses that to capture the users’ private details. It is designed to look like login screens for various popular and distinguished applications like PayPal, Skype, WhatsApp and some several Google services. It is also designed to mimic banking applications from Australia, New Zealand, and Turkey.

[q]Fact: Cyber criminals develop one Android Malware every 17 seconds[/q]

The malware also targets other various banks in other countries like Turkey and New Zealand with banks like Bendingo Bank, St George Bank, BankWest, ME Bank, ASB Bank, Bank of New Zealand, KiwiBank, Wells Fargo, Halkbank, Yap Kredi Bank, Vakifbank, Garanti Bank, Akbank, Finansbank, Turkiye Is Bankas, and Ziraat Bankas.

This latest attack shows how malware attacks have evolved along the way, as hackers aim to make them more sophisticated and effective enough for them to not be detected by security measures. ESET senior researcher Nick FitzGerald said that “This is a significant attack on the banking sector of Australia and New Zealand, and should not be taken lightly. While 20 banking apps have been targeted so far, there is a high possibility the e-criminals involved will further develop this malware to further attack more banking apps.” he added.

[fullsquaread][/fullsquaread]

The malware is also believed to stop the two-factor authentication system by intercepting the codes sent to a phone via SMS, and sending the code to the hackers rather. This potentially gives them all the necessary information they need to login into any person’s bank account and do as they want.

ESET security was the company which detected the malware; the firm said the malware affected by devices by imitating Adobe Flash Player, which is required to play streaming videos. It requests for administrator rights and starts checking for installed banking applications and then reports back to the hackers so that it can start inserting the fake login screen.

Flash player does not come from the protected Google Play Store but rather from bogus websites and messages which trick the users into installing them in their devices. Websites that the malware usually exists on include adobeplayerdownload.com, adobeflashplaayer.com, and flashplayeerupdate.com.

Google spokesperson warned users against allowing phones to install from untrusted sources on the web but rather should keep to those that are advised by Google. The spokesperson said over a billion devices were protected by Google Play, which routinely scans at least 200 million Android devices automatically every day.

To check if your device was affected or not you can check in the loss of device administrators found under Settings > Security >Device Administrators menu and you will see Flash player written there. If attempts to delete this flash player are made a false message claiming deletion of data if the process is gone with through appears but it is not valid.

This then disables its device administrator rights and makes it possible to uninstall the malware via Settings > Apps/Application manager > Flash Player > Uninstall. It’s reported that in some cases a fake warning comes over the Device Administration list to prevent deactivation. It leaves the user with one solution to restart the device in Safe mode, which restarts the device with all installed apps disabled, which therefore prevents the malware from blocking access to Device Administration list. However safe mode may be accessed in various ways, so it’s best to consult your manual or support website.

This comes as a blow to Android maker Google, which comes when they have been planning to step up efforts to block shady websites that contain bogus advertisements and pop ups which most of the times link to malware. Ways have to be found to prevent something of this magnitude from happening, and Google might have to look to iOS which makes its system impenetrable to outside downloads.

  • Tags
  • Adobe
  • Android
  • Australia
  • Banking
  • Cyber Crime
  • eset
  • Flash Player
  • Google
  • hacking
  • Malware
  • security
Facebook Twitter LinkedIn Pinterest
Previous article Facebook’s bugs bounty program to the rescue: Rewards with $15,000
Next article Bank survive $1 billion heist thanks to spelling mistake
Ali Raza

Ali Raza

Ali Raza is a freelance journalist with extensive experience in marketing and management. His work has been featured in many major crypto and tech websites including Hacked, Hackread, ValueWalk, Cryptoslate, CCN, and Globlecoinreport to name a few. Raza is the co-founder of 5Gist.com, too, a site dedicated to educating people on 5G technology.

Related Posts
Facebook ads used in spreading Facebook Messenger phishing scam

Facebook ads used in spreading Facebook Messenger phishing scam

Fake Netflix app on Play Store caught hijacking WhatsApp sessions

Fake Netflix app on Play Store caught hijacking WhatsApp sessions

Fake LinkedIn job offers scam spreading More_eggs backdoor

Fake LinkedIn job offers scam spreading More_eggs backdoor

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
Hacked Android phones mimicked connected TV products for fake ad views
Cyber Crime

Hacked Android phones mimicked connected TV products for fake ad views

Signal CEO hacks Cellebrite cellphone hacking, cracking tool
Hacking News

Signal CEO hacks Cellebrite cellphone hacking, cracking tool

Play Store apps plagued with malware have 700,000 downloads
Security

Play Store apps plagued with malware have 700,000 downloads

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us