Android trojan targets 232 banking apps including Indian banks

Jan 6, 2018

Android phones are at risk of getting hacked by a malware currently known as Android.banker.A2f8a and previously called as Android.banker.A9480 in security circles. The banking trojan targets nearly 232 banking apps around the world, including a number of Indian banks.

As per Quick Heal Security Labs, Android.banker.A2f8a is capable of hijacking SMSes, stealing login details, uploading a person’s contacts and SMSes to a server, and showcasing an overlay screen on top of genuine apps to pinch data. It worms its way into phones by posing as a Flash Player app on third-party stores.

Upon installation, Android.banker.A2f8a asks for administrative rights over and over again until the user gives in or stops it in its tracks. The trojan then hides its icon and secretly spies on the smartphone to check if any of the 232 banking and cryptocurrency apps are present.

Credit Card Security

If it finds a match, the malware tricks victims into entering their net banking login ID and password by showing them a notification followed by a fake login screen. Some of the Indian banks at risk include ICICI Bank, IDBI, Bank of Baroda, SBI, Union Bank, HDFC Bank, and Axis Bank.

Android.banker.A2f8a has several other tricks up its sleeve. For instance, it can lower the volume to silence any notifications and keep an eye on incoming and outgoing SMSes. The latter allows it to bypass the two-factor authentication process on the person’s bank account.

Also See: Millions of Android users plagued by malware Judy

There are a couple of measures which can be undertaken to protect yourself from getting hit with malware. Firstly, don’t download apps from platforms other than the Play Store. It’s also best to keep ‘Unknown Sources’ disabled since enabling the option will allow apps to be installed from untrustworthy sources.