Android RAT malware invades mobile banking apps
A new Android-based RAT malware has threatened to invade users’ mobile banking apps
A new remote access Trojan malware for Android devices, dubbed com.II, is threatening users' mobile banking data, SMS messages and contact lists.
According to a blog by security vendor FireEye, the offending RAT is able to disable anti-virus systems Android users have in place, before scanning for banking apps and replacing them with fake ones. The malware then installs malicious app updates, steals and sends SMS messages and gains access to contact lists.
The blog claims that com.II "takes Android malware to a new level" by combining so many unwanted activities into a single app. The malware contains a feature called 'Bank Hijack' and is targeting eight banks in Korea, with fears this could quickly expand to many more.
Paco Hope, principal consultant with Cigital and a UK-based malware expert, restated concerns the RAT could pose a significant threat to mobile banking customers worldwide.
Speaking to SCMagazineUK, he said: "Because of its abstraction, it is likely that it will be used to target lots of different banking populations, and will probably be customised by region, language or jurisdiction.
"Malware of this nature also highlights the role the app store plays in securing a device. Users who accept apps from sources other than the official stores run a much higher risk of installing malware. For all their faults, the official Google and Apple stores play a significant role in protecting the average user from malware. The dangers of third-party app sources are very real."
To gain access, the malware poses as a 'Google Services Framework', asking users to install it with administrative privileges enabled. It then disables the uninstall option. Of 54 anti-virus systems tested by researchers, only five successfully detected the malware.