Exposed Banker Trojan for Android Detected Masquerading Apps of Google Play Store

Matching the prediction of security researchers, one capable banking Trojan to suit Android, whose source code got exposed online during the middle of December 2016, can currently be observed regularly within live assaults.

The researchers had noticed 3 separate attacks using the aforementioned Trojan that some disgruntled client leaked on the Web on 19th December, 2016 through an illegal hacking forum that used Russian language. Given that the code was obtainable freely for anybody, the cyber-criminals spent a month-or-so for designing the Trojan in a version of their own while begin spreading it through sinister apps harbored on intermediate application stores.

It was ESET which detected the earlier edition and called it Trojan.Android/Spy.Banker.HU as also reported the same 6th February. Crooks distributed the malicious program through Google Play Store in the form of Good Weather one authentic weather forecast app's trojanized edition. The malware attacked 22 banking applications for mobile phones in Turkey, trying for digging credentials with the aid of fake login forms. Furthermore, the Trojan was capable of locking/unlocking
tainted gadgets while tap text messages from the remote.

Lately, ESET found one fresh edition of the banking Trojan pretending to be still one more authentic weather application namely World Weather of Google Play. This fresh edition identified as Trojan.Android/Spy.Banker.HW (ver.1.2) appeared inside Google's Play Store between February 14 and February 20 the day ESET reported it followed with eliminating it from Play Store. Securitybrief.asia posted this, February 27, 2017.

As per the researchers from ESET, the two disguised apps happened to be clones of Good Weather and World Weather respectively. In spreading the former, crooks designed the banker malware for exhibiting phony login web-pages to access the banking applications of twenty two banks of Turkey.

For users downloading applications of Google Play, they must ensure they're provided the application permission prior to updating/installing. Rather than mechanically allowing an application its demanded permissions, users must understand the meaning of the permissions for the applications along with the users' devices. In case something looks off the line then reviews of other users can be referred to in deciding whether to download or not.

» SPAMfighter News - 2/28/2017