The specialists of “Doctor Web” informed about new versions of Android-Trojan family Android.BankBot, which are also known under the name Svpeng. They are dangerous because they kidnapped money from the bank accounts of users of mobile Android-devices and are able to shut down a number of antivirus programs. The family Android.BankBot has been known for several years, but only in the beginning of April to the fore particularly active – then the Russian Interior Ministry reported the arrest of cyber criminals who used these Trojans to attack by as much as a number of Russian and foreign credit institutions. The problem is that even after his arrest, malicious dissemination Trojans continued. In particular, the recently discovered Android.BankBot.43 and Android.BankBot.45, which are distributed under the guise of legal software that is installed on your device users themselves. We are talking about different games, media players or updates. Once the Trojan is in the system, it begins to take root, primarily by blocking the possibility of their own removal, as well as trying to root the device. The Trojan then communicates with the management server and waits for further instructions. Android.BankBot feature list is quite extensive, it may call to the specified number, execute USSD-request, send to the server, all incoming and outgoing SMS messages, reset the device to remove all user data, send SMS message with the settings and send the server detailed information about the affected device to search for the file in accordance with a received command name. However, the main title Android.BankBot – theft of money and valuable information. To do this, set the Trojans attack on mobile devices such as the program “Client-Bank”, as well as the application Google Play. Displaying a false form the input of personal data, the Trojan causes the user to independently confirm the transfer of funds to the account of intruders.
Source: “Doctor Web»
No comments:
Post a Comment