This Android Malware Can Steal Your Banking OTP Easily

An Android malware is targeting over 232 banking apps which including a few banks in india. Quick Heal security labs reports says, the Trojan malware named “Android.banker.A9480”,is especially designed to steal personal data from user without knowing it. Its take login data, sms, contact list and upload to malicious server .Additionally apart from banks details it’s also targets cyptocurrency wallets app on user’s phone

Here is list of banks given by Quick heal security lab are targeted by android banking apps
• Axis mobile,
• HDFC Bank MobileBanking,
• SBI Anywhere Personal,
• HDFC Bank MobileBanking LITE,
• iMobile by ICICI Bank,
• IDBI Bank GO Mobile+,
• Abhay by IDBI Bank Ltd,
• IDBI Bank GO Mobile,
• IDBI Bank mPassbook,
• Baroda mPassbook,
• Union Bank Mobile Banking,
• Union Bank Commercial Clients.

Android.banker.A9480 malware gets circulated via a fake flash player app on third-party store .This app is popular for cybercriminals due to prevalence . Once user download malicious app, its will get activated by sending numerous pop-up to victims until its get access to administrative privileges
Once malicious app is installed on there smartphone, icon get hide when user tap on it. This app will work all time in backgroung and checking all 232 banking apps , if this app find any one of them get that targeted app, its will send fake notification to user. When user open notification ,they get fake login window by attacker to extract confidential data like login id and password
As per the blog posted by Quick Heal, the malware can process commands like sending and collecting SMS, upload contact list and location, display fake notification and GPS permission, and more. Its can also bypass the OTP (two factor authentication) on user’s bank account

For the latest tech news and reviews, follow infinity tech stuff on Twitter, Facebook, and subscribe to our YouTube channel.