Malware Steals Funds from Bank Accounts of Android Owners

A new malware for Android phones which is called Fanta SDK targets users' bank accounts while carries out fraudulent transactions.

Softpedia reports that it was during December last that the malware's first version came to light; however, it did not cause too much destruction, since only a handful of the phone owners were victimized. But now Fanta SDK appears as returning having greater capability to do the destruction.

Applying one clever trick of disguising fake banking operations, the Android malware coders change the PIN on users' smart-phones that locks their devices thus engaging the users with the problem while the miscreants empty their bank accounts.

The attack begins with an e-mail to the user in which the e-mail id is spoofed and the message body tells that one fresh security update related to the user's banking operation has been provided and that he requires downloading it. Presently, the e-mail solely attacks people having accounts in Russian banks. Softpedia.com posted this dated May 28, 2016.

It naturally follows that any user with a banking application installed on his Android will likely pursue the e-mail's embedded web-link to take down the updated application on his smart-phone. Therefore, it's recommended that rather than using such manual downloads, users should download the application directly from Google's Play Store.

The company elaborates that to start a fake electronic mail is sent to the user that poses as being dispatched from his bank. Normally the e-mail would inform the recipient or request him to download one fresh update for his banking application so he may keep on using it devoid of any interruption. Nevertheless, the company adds that merely account holders at Russian banks are targeted with the so-called security application.

Security researchers have discovered that the master servers of this update have a connection with other malware's infrastructures which thrust the banking Trojans namely ZBot, Ramnit or Cridex.

According to Trend Micro, the application performs its operation in a way like that of criminals who ran Operation Emmental for stealing funds out of bank accounts held within Austria, Sweden and Switzerland employing one unique technique then.

» SPAMfighter News - 6/3/2016