Android Malware Can Steal Your Bank Account
The FBI has put out a warning for anyone using an Android device that it has identified two new malware families. Marcher and SlemBunk monitor a victim’s phone and whenever they launch a mobile banking app, the malicious software injects an overlay over the app’s interface in order to steal the user’s credentials. It’s essentially a phishing scam, but the hackers are able to jump in between a victim and their financial institution by throwing up a false login page when they open up its app.
Having been around since 2014, up until now the attacks largely targeted foreign banks. The hackers who developed the malware have been offering it for purchase or lease and have been slowly expanding their reach to western financial institutions.
The SlemBunk family of malware hides after running for the first time by giving the appearance of being other apps. It appears that one way the malware is spread is through adult websites that claim to need an Adobe Flash update in order to view content. Users who download the supposed update are then infected.
Use the same sort of common sense precautions to avoid being affected by these types of attacks as you would other phishing attacks. Keeping your operating system up to date with help mitigate some of the danger and don’t click on questionable links in unsolicited texts. Lastly, when downloading apps, only download ones directly from the official Google Play app store.