The Hacker News Logo
Subscribe to Newsletter

New Android Banking Trojan targeting Korean users

A very profitable line for mobile malware developers is Android Banking Trojans, which infect phones and steal passwords and other data when victims log onto their online bank accounts.

One recent trend is Android malware that attacks users in specific countries, such as European Countries, Brazil and India. 
The Antivirus software maker Malwarebytes noticed that a new threat distributed via file sharing sites and alternative markets in the last few months, targets Korean users.

Dubbed as 'Android/Trojan.Bank.Wroba', malware disguises itself as the Google Play Store app and run as a service in the background to monitor events. 
"This enables it to capture incoming SMS, monitor installed apps and communicate with a remote server."
According to the researcher, after installation - malware lookup for existence of targeted Banking applications on the device, remove them and download a malicious version to replace.
"The malicious version will contain the exact Package Name and look very similar to the legitimate app, but contains malicious code with no banking functionality."
The attackers aim to obtain login credentials giving them access to the victim’s bank account and that second installed fake Banking application will capture the banking information and other useful data to generate revenue for them.

Android wouldn't be the only mobile operating system at risk from such automated exploits. Recently launched Firefox Mobile OS also have its first mobile Malware surfaced a few days back.

Best Security Practice, always download applications from reputable markets only i.e. Google Play Store.

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.