Security experts warn against a wave of fake applications, spreading banking malware | TechBuzz

- Advertisement -

The most frequently detected malicious code for the Android platform in the Czech Republic in May was again the Trojan horse Andreed. ESET security specialists discovered him this time in a third of all cases. Andreed displays an unsolicited aggressive ad, and users most often download it to their device along with popular games from third-party stores. Already in April, Andreed spread, for example, through fake versions of the mobile games Buddy Toss or Chuchel.

Read also

Say goodbye to recording calls on Android, Google wants to check it for good

The Trojan horse Andreed showed a stable number of detections in May. It is an adware that displays aggressive unsolicited advertising. Its presence on the phone then manifests itself by popping up a large number of advertising windows in the application and slowing down the performance of the device. However, it can also collect information about our behavior or link to dangerous websites, where there is already a real risk that we will download far more dangerous malware to the device,”Says Martin Jirkal, head of the analytical team at the Prague branch of ESET Research.

In May, the Czechia faced a wave of fake applications, spreading banking malware

- Advertisement -

In more than a tenth of cases, security experts also discovered the banking Trojan horse Spy.Banker.ASS, which spread via the dropper Agent.IVA. Dropper is a type of malicious code that, like an envelope, delivers other malware secretly to the device, so lower quality security programs may not detect it at all. In addition, droppers often disguise themselves as fake versions of known applications and tools, and very often change their appearance.

In the case of the spread of the bank Trojan horse Spy.Banker.ASS, we identified a number of fake applications in May. Banking malware, for example, hid in a fraudulent version of the Turkish media player Temel Video Player or an application from DHL. We also found it in one voicemail application for sending voice messages or in an application to control a smart watch,“Says Jirkal. The moment a banking malware infects a smartphone, it takes virtually all control over it.

- Advertisement -

Spy.Banker.ASS has all the features typical of banking malware. It can read SMS messages and monitor calls, record the device screen, and thus record our activities. It can access storage and accessibility services. The malicious code then uses these services to obtain all other permissions. This will prevent users from uninstalling the malicious application they downloaded the malware with. Ultimately, the bank Trojan horse will do what it was meant to do – steal the login details to the bank account,“Explains Jirkal.

Smartphone security is essential

Bank Trojans are a long-feared threat to the Android platform in the Czech Republic. Attackers often spread them through droppers and rely on the fact that the abused names of well-known applications, which they offer in unofficial stores for free as part of some other software package, motivate users to download.

Beware, the new Trojan horse steals sensitive data directly from the banking application

Read also

Beware, the new Trojan horse steals sensitive data directly from the banking application

- Advertisement -

If banking malware infects our device and we do not have it protected by any security program, we do not use an official banking application and we do not lock or confirm operations on the device using biometric data, ie fingerprint or face recognition, the way to steal our funds is easy for attackers.“Says Jirkal and adds:”In May, we saw how attackers used a variety of tools to spread malware. Therefore, if a user does not download trusted applications from official stores, such as the Google Play Android platform, they are not able to safely identify which applications may contain malware and which may not.“To fully secure your Android smartphone, it is important to regularly update the operating system and all the applications on your device and use high-quality security software.

READ  Check out the upcoming smart bracelet Amazfit Band 7. Dazzling 18-day endurance | | TechBuzz

The most common cyber threats in the Czech Republic for the Android platform in May 2022:

  1. Android/Andreed trojan (33,37 %)
  2. Android/TrojanDropper.Agent.IVA trojan (13,96 %)
  3. Android/Triada trojan (2,79 %)
  4. Android/TrojanDropper.Agent.GKW trojan (2,21 %)
  5. Android / TrojanDropper.Agent.JDU trojan (1.97%)
  6. Android/Spy.Cerberus trojan (1,97 %)
  7. Android/Spy.Agent.CBT trojan (1,69 %)
  8. Android/TrojanDownloader.Agent.WI trojan (1,25 %)
  9. Android/TrojanDropper.Agent.IDL trojan (1,11 %)
  10. Android / TrojanDropper.Agent.DER trojan (1.11%)

Source link

- Advertisement -
I am admin of blog & I provide tech-related news. As a part of my hobby, I make content related to technology and gadgets reviews too. I love to be a content creator apart from it, I am a full-time employee in an MNC company and manage blogs systematically. You can mail me at [email protected]

More from author

Related posts


Latest posts

Kingsman 3: start of filming in 2023? | TechBuzz

Director Matthew Vaughn's third Kingsman movie is set to conclude the story arc of character Gary "Eggsy" Unwin, aka Galahad, played by Taron Egerton....

Revolution from Revuto: Lifetime subscriptions to Netflix and Spotify available to users for the first time | TechBuzz

By using advanced technology, Revuto by selling NFT enables users to have a lifetime subscription to their favorite streaming services with a stable price...

Want to stay up to date with the latest news?

We would love to hear from you! Please fill in your details and we will stay in touch. It's that simple!