New banking malware for Android is spreading through fake pages that look like Google Play

A new banking Trojan for Android has appeared in Brazil and is expanding in an unusual way. Those behind this Trojan have created a page that looks very similar to the official Google Android app store, Google Play, to get users to think about installing a secure app.

The malware pretends to be the official app for Itaú Unibanco, Brazil’s largest bank with 55 million users worldwide, using the same icon as the legitimate app.

If a user clicks the “Install” button, they are offered to download the APK, which is the first sign of fraud because Google Play Store apps are installed through the store’s interface, and never ask the user to download and install them manually.

Researchers who analyzed the malware, they say that after launching the malware is trying to open a real Itaú app from the Play Store. If it succeeds, it uses the right application to perform fraudulent transactions by changing the user data entry field.

The application does not require any dangerous permissions during installation, so that the victim would not notice that something is wrong, but also to avoid the risk of detection by antivirus tools.

Instead, the malware uses the Accessibility Service, which is all a mobile malware needs to bypass all security controls on Android systems. There is a noticeable trend of abuse of the accessibility service when it comes to malware for Android, and Google has yet to solve the problem of this weak point.

It is up to the user to notice signs of abuse and to stop the malware before damaging the device.

Websites that were used to distribute malicious APKs have been reported and are no longer available, but criminals can return through other domains.

If you opt for mobile electronic banking, be sure to install the application from the official website of the bank or from the Google Play store. Update the application regularly, and use an antivirus from a reputable manufacturer. To keep your account secure, use a strong password and enable multi-factor authentication in the application. If you really need to install an app that isn’t in the Google Play Store, carefully study the permission requirements during and after installation. Regularly check that Google Play protection is enabled on your Android device.



Source: Informacija.rs by www.informacija.rs.

*The article has been translated based on the content of Informacija.rs by www.informacija.rs. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!

*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.

*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!