It’s another day, and there’s another fresh piece of Android malware to watch out for, although this one is particularly concerning given that it targets banking details, and lots of them – plus it could potentially be used to obliterate all the data on your handset.
The malware in question is disguised as a Flash Player app, which grabs full admin rights when the user clicks the ‘activate’ button after launching, and then it lurks in the background, poised to pounce when any major banking apps are fired up on the device.
Some 94 different banking apps are currently targeted, according to Fortinet which spotted the Trojan, and they include the likes of Santander, American Express, and Paypal, for which the malware will steal the user’s credentials when entered.
It also targets a lot of common social media apps including Facebook, Twitter, Snapchat, LinkedIn, Instagram and more, producing a pop-up which asks for credit card details and hopes the user is foolish enough to enter them.
Due to the overarching permissions it gains, the Trojan can also intercept text messages – to grab codes such as two-factor authentication – or indeed it can send texts, and even perform a factory reset on the Android device, nuking all the user’s data. (This sort of thing is why you should be sure to regularly backup your phone or tablet).
The malware is currently in circulation around the US and parts of Europe including Germany and France, although not the UK yet – although it could well hit these shores soon enough.
Fortinet advises that the simplest method to remove the malware is as follows: “First, the user can disable the device administrator rights in Settings > Security > Device Administrators> Google Play Service > Deactivate, and then uninstall the fake ‘Flash Player’ via Settings > Apps > Flash-Player-update > Uninstall.”
Needless to say, if you’ve encountered the fake app and entered any financial details, you’ll need to take swift action in contacting your bank, changing your password(s) and so forth.
Another major threat to watch out for these days is tech support scams, which are most definitely on the rise – including one involving a virus posing as a Windows Security Essentials installer, and another that exploits a bug in Google’s Chrome browser which we highlighted earlier today.