Quick Heal Detects Mobile Malware Android.Banker.A2f8a
Quick Heal Security Labs, which spotted the malware Banker A2f8a, states the program has been created for intercepting SMS messages, filching login credentials, exhibiting one overlay screen over legitimate applications for capturing details, transmitting texts/address lists to certain remote malevolent server, as well as conducting other malicious operations.
Since the malware is capable of tapping all inbound and outbound short messaging services from the contaminated phone, it's significant to note that with this, attackers can circumvent the dual-factor validation via SMS and access the financial accounts of their victims.
The above serves a warning signal considering that Adobe Flash Player is no longer allowed for use following the launch of Android version 4.1 since it can be obtained from the smart-phone's Web-browser itself. Infosecurity-magazine.com posted this, January 4, 2018.
Attackers are distributing the Android.banker.A2f8a malicious program via one fake Flash Player application available from 3rd-party stores. Following this application's download the malware continuously searches the victim's phone for other applications loaded onto it and especially searches to see the presence of the crypto-currency and 232 banking applications. These applications consist of smart-phone banking applications of SBI Anywhere Personal, HDFC Bank, Axis Bank, and iMobile by Union Bank, IDBI Bank and ICICI Bank.
If attackers find one of the aforementioned applications on the victim's smart-phone, the malware displays false notifications pretending to arrive from it while directs the victim to enter his credentials for logging in which they tactfully capture.
According to Quick Heal Research, the malicious program further manages dispatching SMSes while dynamically gets a number and text that the server produces. It as well manages silencing the ringer tone of the device so that SMS notifications are suppressed.
Android.banker.A2f8a garners data that's not just the details within the banking application. For, the Trojan intercepts SMSes, reveals location particulars as well as seizes contact lists that it then transmits onto malicious servers. It's being reiterated for the sake of end-users having banking applications installed onto their Android phones that after the launch of Android 4.1, there's been withdrawal of Adobe Flash Player to the extent that its applications are not available even on Google Play Store.
» SPAMfighter News - 1/10/2018
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!