Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Android Trojan Marcher Disguises to Capture Login Credentials from Gmail, Skype, WhatsApp, Facebook, Instagram

Trojan Marcher for Android phones in its recent update looks like phony login screen that targets Web-surfers to steal their credentials when they access Facebook, Gmail, WhatsApp, Instagram, Skype or other applications.

Marcher malware's first appearance on the cell phones was during 2013 when if a Web-surfer accessed Google's Play Store, the Trojan displayed one fake screen on the upper portion of the Google application. Web-surfers were told on this phony screen to provide their credit card particulars that if done the Trojan would send those particulars to its remote command-and-control (C&C) server.

Marcher's creators with its new update are concentrating attacks on widely used Android applications rather than online banking apps.

Subsequently during 2014, Marcher was upgraded with the capability for phishing banking credentials off end-users who had accounts in financial institutions chiefly within United States, Turkey and Australia. Zscaler the mobile security company identified an updated Marcher which showed that the malware had included more names of high-profile targets into its attack list.

Specifically security company Zscaler for worldwide cloud-based information, of late, found Marcher the Trojan virus for Android phones in a new version which had listed many more application names to be attacked. The Trojan unlike before when it targeted Internet banking applications for stealing account credentials this time round focuses on popular Android applications for the same purpose. Newsmaritime.com posted this, August 20, 2016.

Like it happens with the majority of malicious programs nowadays, they send the data they steal onto a remote server, which attackers control. Earlier such data was dispatched written within clear-text through HTTP protocol, but the latest Marcher version transmits the stolen data in encrypted form through certain SSL-protected medium.

Trojan Marcher also proliferates disguised as a firmware security upgrade for Android, says Zscaler. Besides, Marcher is spreading through spam mails and SMS too as well as disguised as Flash Player updates of Adobe.

Experts recommend against downloading apps that are not from Google's Play Store no matter whether the Store itself is malware ridden because there are less possibilities of becoming contaminated with tainted Play Store applications than those outside of Play Store.

» SPAMfighter News - 8/24/2016

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page