Two fresh complicated Android Banking trojan viruses are using behavior of mobile users in India to get access to their private data, claimed Quick Heal (the global IT security company) this week to the media in an interview.
Security analysts at Quick Heal Security Labs have found “Android.Asacub.T” and “Android.Marcher.C” as the 2 trojans that replicate notifications from popular social apps such as Facebook, WhatsApp, Instagram, Skype, and Twitter as well as some of the top banking applications in India.
By getting access to incoming texts via administrative rights, these viruses also permit attackers to evade the 2-factor OTP verification normally employed for safeguarding online payments in India, the scientists claimed.
“Indian consumers often install unverified applications from links and 3rd-party app stores sent via email and SMS. This offers attackers a lucrative chance to steal private data from unsuspecting consumers,” claimed CTO and Co-founder at Quick Heal Technologies Limited, Sanjay Katkar, to the media in an interview.
“The fact that we have found 3 similar malware in not more than 6 Months hints that attackers are now aiming for mobile consumers, who are far more defenseless to complicated phishing assaults,” he claimed.
While “Android.Asacub.T” imitates an icon for Android Update, “Android.Marcher.C” employs the icon for Adobe Flash Player to look similar to a genuine application.
Whenever consumers use an application on these malware’s database, they are fooled into entering private data such as card details, banking credentials, and login IDs/passwords before they can carry on employing the app.
This is not the 1st time that the company has found such a virus.
On a similar note, Avast Threat Labs’ scientists recently found an adware dubbed as Cosiloon that is pre-installed on Android handsets from firms such as Archos, ZTE, and myPhone. The adware produces an overlay over a webpage to cover an ad inside the consumer’s browser.