Are you using an Android device? Caution! Security researchers warn that the source code of an Android banking malware is posted online, along with information on how to use it by anyone.
Which means that Android users will soon face a growing number of attacks.
The security company Dr. The Web has discovered that the source code of an Android banking malware has leaked, adding that it can be distributed as a popular application or injected into APK files available on the internet or in third-party stores.
Malware is recognized as Android.BankBot.149.origin and tries to get administrator rights. Once you have full rights, malware removes the app icon from the home screen, trying to fool users into believing it was removed.
On the other hand, it remains active in the background, and connects to a command and control server waiting for commands. It can perform a bunch of features, such as sending and receiving SMS messages, stealing contacts, locating devices, making calls, phishing, and stealing sensitive information such as bank details and credit card details.
"Like many other Android banking malware, Android.BankBot.149.origin steals confidential user information by monitoring online banking applications and payment system software. A sample tested by Dr.'s safety researchers Web controls over three dozen such programs. "Once Android.BankBot.149.origin detects that any of the aforementioned applications are working, it loads the relevant phishing login screen to steal the user account login details and password," the company said.
Phishing input screens are available for many popular apps including Facebook, Instagram, WhatsApp, and YouTube. For the Google Play Store, malicious software displays a phishing dialogue similar to what appears when you make purchases on Google Play by requesting your credit card information.
In addition, it can intercept text messages, send them to the attacker, and then delete them from the phone, which is particularly dangerous in the case of notifications by the bank.
So be careful when downloading and installing APK files from third-party stores or through "friends."