The company “Doctor Web” warns of the danger of malicious programs whose victims are the owners of mobile devices running the operating system Android. The malware was named Android.BankBot.65.origin.
The main feature detected trojan is that it is embedded in a formal application for access to mobile banking, “Sberbank of Russia”. And the program carrier retains all of its original features, resulting in a trick to find it is not so simple. This modified version extends the client application through one of the most popular web portals dedicated to mobile devices.
Once installed, the malware creates a special configuration file, and is connected to the management server, which sends the data such as identity IMEI-infected the device name of the mobile operator, MAC-address of the built-in Bluetooth-adapter, OS version, and so forth. In addition, the attackers can be sent encrypted user’s contact list.
Troyan command from the management server is able to intercept incoming SMS and send different messages to specified phone numbers. With malware, cybercriminals can steal money from bank accounts of users and perform various fraudulent schemes. For example, attackers can place a specially crafted SMS messages among the victims, such as the blocking of bank card with a demand to call “bank” the number indicated, with a request to fill the balance of “relative in distress” and so on. N.
For more information on the malware Android.BankBot.65.origin can be found here.
If you notice a mistake – select it with the mouse and press CTRL + ENTER.