232 Banks with Android Apps hit by a Trojan

Quick Heal, an organization for cyber-security informed news sources of  detection of an Android Trojan malware associated with banking apps . It is called Android.banker.A2f8a. Users are directed to download Flash player from third party stores, which is fake and harmful. It obtains personal data from banking and crypto currency apps, based on reports by News 18.

“Users are expected to keep their records on the apps safe. They should avoid downloading any third party store apps,” opined Sanjay Katkar, Chief Technology Officer and Joint Managing Director of Quick Heal Technologies.

The Indian Express informed that banking apps of Axis, HDFC, SBI, ICICI, IDBI, Union Bank and Bank of Baroda are some names from many others who have been targets of data theft. Users are requested to provide administrative rights to this app after setup. It continues to pester users till they do the needful. After obtaining rights, the app connects with these financial apps with a hidden app icon. It tries to obtain data from 232 such apps.

This app is not only limited to access of banking information. It mentions locations, divulges contact lists and messages. These are transferred to a vindictive server. “After Android 4.1, Adobe Flash Player is not available on the Google play store and consumers who have banking apps on their phones need to beware of such an issue,” mentioned Quick Heal sources.

 

Sources: Indian Express, News 18

Feedback welcome!