A highly dangerous Android malware is targeting banking apps to access users’ bank accounts.
Identified as the “Trojan-Banker.AndroidOS.Svpeng.ae” or “The Invisible Man”, this malware deploys a key-logger that records a victim’s login details through the infected banking app, according to a report by The Register.
Once access details have been obtained, hackers may begin siphoning off money from the account, leaving it bone dry.
Apparently the malware is disguised as a fake Flash player download. If tapped, it leads the victim to a site where a .apk file will be downloaded.
The malware was discovered by researchers at the Kaspersky Lab. Malware analyst Roman Unucheck said, “Its malicious techniques work even on fully updated devices with the latest Android version and all security updates installed.”
“By accessing only one system feature, this Trojan can gain all necessary additional rights and steal lots of data,” he warned.
Once a victim installs the downloaded .apk, the mobile device becomes wide open for exploitation. The researchers reported that the malware gives itself administrator rights, becomes the default SMS app, and even has the ability to send and receive calls as well as SMS.
So far, the malware has spread to the United Kingdom, Germany, Turkey, Australia, Singapore and Poland.
Apart from avoiding downloading of .apk files from questionable websites, the other defense against Invisible Man is to set the smartphone’s default language to Russian. Once the malware detects this, it will turn off and delete itself. Some speculate this could be because Russian hackers don’t want fellow Russians getting harassed by their malicious creations. Alfred Bayle/JB