Android Banking Malware Bonanza - Cybercriminals are biting into Android Users’ banking data ... while industry adapts.

Leaked: Trojan Source Code + 'How to Use' Instructions + Multiple Flavours of the same FUD Malware

Various researchers said they have already discovered several banking trojans in the wild developed using this leaked source code, adding that the Trojan is distributed as popular apps either directly injected in APKs available online or in third-party app stores.

Dubbed BankBot, the trojan has the ability to get administrator privileges on infected devices. Once it gets full privileges, the malware trojan removes the app's icon from the phone's home screen in order to trick victims into believing it was removed.

However, the BankBot trojan remains active in the background, waiting for commands from attacker's command and control (C&C) server. It found targeting only users of Russian Banks.

Android users are under an increasing risk of identity theft and financial repercussions following a series of recent events that have brought Android banking malware cases to the forefront of the cybersecurity debate.

The most recent incidents include a banking Trojan designed to steal money leaked online by an underground hacking forum, and a DDoS attack targeting Lloyds Bank Group mobile apps. The increasing frequency of these events calls for urgent action from financial institutions, many of which are being actively targeted because of their negligent approach to mobile security. This is according to app security specialist Promon.

The cybercrime scene has rapidly evolved from being a garage business to a mature, large-scale, market-based economy, which seeks monetary fulfilment as its modus operandi. Naturally, banks are at the very core of their interest.

Cyber-enabled fraud alone went up 1,266% on 2015 figures, according to the Fraud Barometer reported by KPMG, with cases including a ￡113 million cyber fraud – the largest recorded in UK Courts since 2008. Sophisticated techniques today enable cybercriminals to employ a creative approach, meaning that ransomware, identity theft, malware and any other types of online crime are constantly being refined and upgraded by cybercriminals.

Lars Lunde Birkeland, Head of Communication at Promon said: “What we are seeing now is a steady development of a thriving internet of malware – a place where cybercriminals can work on their skills, share tips and tricks and create a community that is seeing the financial sector as a highly lucrative target, with the mobile channel a rapidly growing area for exploitation.

“Despite this clear and present danger, banks and financial institutions are still failing to fully comprehend the scale of the threat on their doorstep.”

The Trojan dubbed BankBot has already been identified as targeting Russian Android device owners’ bank details – moreover, it can intercept SMS texts, track the device, make calls and ultimately steal contacts and sensitive data, such as credit card information.

“Given the international nature of cybercriminal activity, in theory nothing is stopping BankBot criminals from turning their heads towards the hefty congregation of British Android device users. In fact, it would come as no surprise, given that 3.6 million fraud offences have been registered in the 12 months to September 2016,” added Birkeland.

“There will be serious consequences for banks if no action is taken. As the smartphone penetration rate in the UK continues to grow, hackers will have a broader attack surface on which to plan their activities. Banks need to see mobile security as their own problem, rather than one of a device manufacturer or operating system.

“Without taking steps to strengthen their apps and mobile platforms, it is only a matter of time until a backlash, which could have catastrophic financial and reputational consequences”, concluded Birkeland.

Traditional security systems such as antivirus, antispam and antimalware are outdated and no longer able to protect companies and users against security threats and cyber-crime. 

Original : virusfreephone.com