ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Android Banking Malware

    News
    3
    5
    632
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • travisdh1T
      travisdh1
      last edited by

      https://otx.alienvault.com/pulse/581b9aef324bc542d6b1fd84/
      https://blog.fortinet.com/2016/11/01/android-banking-malware-masquerades-as-flash-player-targeting-large-banks-and-popular-social-media-apps

      I haven't read the Fortinet article (little in-depth and too little time). Android banking malware that pretends to be flash player, but get's the icon totally wrong. So close guys, so close.

      1 Reply Last reply Reply Quote 2
      • scottalanmillerS
        scottalanmiller
        last edited by

        Active users of mobile banking apps should be aware of a new Android banking malware campaign targeting customers of large banks in the United States, Germany, France, Australia, Turkey, Poland, and Austria. This banking malware can steal login credentials from 94 different mobile banking apps. Due to its ability to intercept SMS communications, the malware is also able to bypass SMS-based two-factor authentication. Additionally, it also contains modules to target some popular social media apps.

        Defeats two factor authentication!!

        Honestly, any vendor using Flash is just asking for this.

        travisdh1T thwrT 2 Replies Last reply Reply Quote 4
        • travisdh1T
          travisdh1 @scottalanmiller
          last edited by

          @scottalanmiller said in Android Banking Malware:

          Defeats two factor authentication!!

          Honestly, any vendor using Flash is just asking for this.

          Yes and yes. The being able to defeat two factor authentication is what got me to post about this. Shouldn't be surprising for malware on a phone. Two factor via text is just a terribly bad idea, now I've got some proof to back up that claim!

          scottalanmillerS 1 Reply Last reply Reply Quote 1
          • scottalanmillerS
            scottalanmiller @travisdh1
            last edited by

            @travisdh1 said in Android Banking Malware:

            @scottalanmiller said in Android Banking Malware:

            Defeats two factor authentication!!

            Honestly, any vendor using Flash is just asking for this.

            Yes and yes. The being able to defeat two factor authentication is what got me to post about this. Shouldn't be surprising for malware on a phone. Two factor via text is just a terribly bad idea, now I've got some proof to back up that claim!

            That and SMS is just bad, in general.

            1 Reply Last reply Reply Quote 2
            • thwrT
              thwr @scottalanmiller
              last edited by

              @scottalanmiller said in Android Banking Malware:

              Active users of mobile banking apps should be aware of a new Android banking malware campaign targeting customers of large banks in the United States, Germany, France, Australia, Turkey, Poland, and Austria. This banking malware can steal login credentials from 94 different mobile banking apps. Due to its ability to intercept SMS communications, the malware is also able to bypass SMS-based two-factor authentication. Additionally, it also contains modules to target some popular social media apps.

              Defeats two factor authentication!!

              Honestly, any vendor using Flash is just asking for this.

              SMS has never been a secure factor. Easy to intercept on wireless networks, even more on smartphones where an malicious app has access to the GSM modem or messaging API.

              1 Reply Last reply Reply Quote 1
              • 1 / 1
              • First post
                Last post