Trojan targets major Australian bank apps


By Dylan Bushell-Embling
Thursday, 10 March, 2016

Trojan targets major Australian bank apps

Millions of Australian banking customers are at risk of falling victim to a mobile banking Trojan capable of stealing login details from the nation's major banks.

The Android Trojan campaign targets customers of banks including Westpac, ANZ, Commonwealth Bank, NAB, St George Bank and Bendigo Bank according to ESET Australia, which discovered the campaign.

The Trojan is capable of mimicking the login screens of 20 mobile banking apps from Australia, New Zealand and Turkey, as well as PayPal, Skype, eBay and several Google services.

It is designed to steal login credentials and also has the ability to intercept SMS communications to bypass SMS-based two-factor authentication.

The Trojan masquerades as a Flash Player app with a legitimate-looking icon and is available on services registered earlier this year.

After downloading and installing the malicious app, the user is prompted to grant the app administrator rights.

On installation, the app is designed to scan for a list of 49 target apps — not all of which are currently directly attacked — and activate if one is found. The malware then manifests as an overlay appearing over the launched application.

This overlay functions as a lock screen that can't be closed unless the user submits login credentials. These credentials are then sent to a remote server and the overlay closes. The malware also attempts to obtain Google account credentials.

Removing the malware requires the user to deactivate administrative privileges — which the Trojan is capable of circumventing by launching an overlay preventing the user for confirming the command — or booting into safe mode.

The full list of banks targeted by the Trojan is: Westpac, Bendigo Bank, Commonwealth Bank, St George Bank, National Australia Bank, Bankwest, Me Bank, ANZ Bank, ASB Bank, Bank of New Zealand, Kiwibank, Wells Fargo, Halkbank, Yapı Kredi Bank, VakıfBank, Garanti Bank, Akbank, Finansbank, Türkiye İş Bankası and Ziraat Bankası.

Image courtesy of Intel Free Press under CC

Related Articles

The problem with passwords is not what you think

When it comes to secure authentication, there seems to be a lesson we're not learning.

Secure-by-design software development for digital innovation

The rise of DevSecOps methodologies and developments in AI offers every business the opportunity...

Bolstering AI-powered cybersecurity in the face of increasing threats

The escalation of complex cyber risks is becoming a pressing issue for those in business...

Content from other channels on our network

When does a conductor not conduct?

Purdue-created tech makes 3D microscopes easier to use

Cracking the code on spin currents

Recyclable circuit board turns to jelly for disassembly

The potential of flexible thin-film electronics for chip design

LAPP ÖLFLEX CLASSIC 110 control cables empower industrial connectivity

Delivering Dependable Fibre Optic Solutions for Challenging Environments through Enhanced Beam Cable Assemblies

Indonesia moves towards power grid resilience

Qld networks launch powerline safety campaign

Virtual power plants installed at regional schools

Govt funds telco resilience tech, responds to LEOSat report

Extreme enclosure heli-lifted into an extreme environment

Cyber secured at critical network device level has never been more important

Cradlepoint 'Vehicle as a Node' is the Next Frontier for Emergency Services

Govt responds to post-incident review of Optus outage

  • All content Copyright © 2024 Westwick-Farrow Pty Ltd