{"id":2882,"date":"2019-04-06T19:34:15","date_gmt":"2019-04-06T19:34:15","guid":{"rendered":"http:\/\/www.syyhoaxanalyzer.com\/?p=2882"},"modified":"-0001-11-30T00:00:00","modified_gmt":"-0001-11-29T17:00:00","slug":"Sophisticated-Malware-Attack-Hijacking-Australian-Banking-Apps-on-Android-Phones","status":"publish","type":"post","link":"http:\/\/www.syyhoaxanalyzer.com\/?p=2882","title":{"rendered":"Sophisticated Malware Attack Hijacking Australian Banking Apps on Android Phones"},"content":{"rendered":"<div>\n<p><span style=\"color: #ff0000;\"><strong>Brief Analysis:<\/strong><\/span><br \/>\nCybercriminals are targeting customers of several Australian banks who use banking apps on Android phones \u00a0to access their accounts. The attack is perpetrated via sophisticated malware that can hijack the genuine bank apps on the phones, thereby stealing account login details and even two factor authentication codes.  \u00a0The malware is getting on to Android \u00a0phones by tricking users \u00a0into installing what they believe is the \u00a0Adobe Flash Player application.  \u00a0The malware comes via \u00a0compromised websites and fake update messages. It is important that you only download Android applications via trusted sources such as Google Play.<br \/>\n<script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js\"><\/script><br \/>\n<!-- HS Net Top Content Responsive --><br \/>\n<ins class=\"adsbygoogle\"\n     style=\"display:block\"\n     data-ad-client=\"ca-pub-0355887770822260\"\n     data-ad-slot=\"4870821038\"\n     data-ad-format=\"auto\"><\/ins><br \/>\n<script>\n(adsbygoogle = window.adsbygoogle || []).push({});\n<\/script><\/p>\n<p><a href=\"http:\/\/hoax-slayer.net\/wp-content\/uploads\/2016\/03\/australian-bank-malware-1.jpg\" data-rel=\"penci-gallery-image-content\"  rel=\"attachment wp-att-1211\"><img loading=\"lazy\" decoding=\"async\" data-attachment-id=\"1211\" data-permalink=\"https:\/\/www.hoax-slayer.net\/sophisticated-malware-attack-hijacking-australian-banking-apps-on-android-phones\/australian-bank-malware-1\/\" data-orig-file=\"https:\/\/www.hoax-slayer.net\/wp-content\/uploads\/2016\/03\/australian-bank-malware-1.jpg\" data-orig-size=\"800,476\" data-comments-opened=\"0\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"australian-bank-malware-1\" data-image-description=\"\" data-medium-file=\"https:\/\/www.hoax-slayer.net\/wp-content\/uploads\/2016\/03\/australian-bank-malware-1-300x179.jpg\" data-large-file=\"https:\/\/www.hoax-slayer.net\/wp-content\/uploads\/2016\/03\/australian-bank-malware-1.jpg\" class=\"aligncenter size-full wp-image-1211\" src=\"https:\/\/hoax-slayer.net\/wp-content\/uploads\/2016\/03\/australian-bank-malware-1.jpg\" alt=\"Australian Bank Malware\" width=\"800\" height=\"476\" srcset=\"https:\/\/www.hoax-slayer.net\/wp-content\/uploads\/2016\/03\/australian-bank-malware-1.jpg 800w, https:\/\/www.hoax-slayer.net\/wp-content\/uploads\/2016\/03\/australian-bank-malware-1-300x179.jpg 300w, https:\/\/www.hoax-slayer.net\/wp-content\/uploads\/2016\/03\/australian-bank-malware-1-768x457.jpg 768w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/a><\/p>\n<p><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js\"><\/script><br \/>\n<!-- HSNet Article Center --><br \/>\n<ins class=\"adsbygoogle\"\n     style=\"display:block\"\n     data-ad-client=\"ca-pub-0355887770822260\"\n     data-ad-slot=\"5727909035\"\n     data-ad-format=\"auto\"><\/ins><br \/>\n<script>\n(adsbygoogle = window.adsbygoogle || []).push({});\n<\/script><\/p>\n<p><span style=\"color: #ff0000;\"><strong>Detailed Analysis:<\/strong><\/span><br \/>\nCybersecurity experts are warning Android phone users about a quite sophisticated malware attack \u00a0that is targeting customers of several Australian banks, including the &#8216;Big Four&#8217;, Commonwealth, ANZ, National Australia, and Westpac.<\/p>\n<p>The malware is infecting phones by \u00a0masquerading as the Adobe Flash Player application. Information about the attack on security firm Eset&#8217;s website <a title=\"Android Trojan Targets Customers of 20 Major Banks\" href=\"http:\/\/www.eset.com\/int\/about\/press\/articles\/malware\/article\/android-trojan-targets-customers-of-20-major-banks\/\">notes<\/a>:<\/p>\n<blockquote>\n<p><em>The Trojan spreads as an imitation of Flash Player application. After being downloaded and installed, the app requests Device administrator rights, to protect itself from being easily uninstalled from the device. After that, the malware checks if any target banking applications are installed on the device. If so, it receives fake login screens for each banking app from its command &amp; control server. Then, once the victim launches a banking app, a fake login screen appears over the top of the legitimate app, leaving the screen locked until the victim submits their banking credentials.<\/em><\/p>\n<\/blockquote>\n<p>The malware \u00a0can even \u00a0intercept two-factor authentication codes sent \u00a0via SMS to the infected phone.  \u00a0Thus, the malware can not only steal the user&#8217;s bank login details but also grab the authentication code, thus allowing the \u00a0criminals to easily hijack the victim&#8217;s bank account.<\/p>\n<p>It should be noted that the malware is targeting customers of a number of smaller Australian and New Zealand based banks as well as  \u00a0the Big Four. It is also targeting customers of some Turkish banks. And, the list \u00a0of targeted financial institutions may grow over time.<\/p>\n<p>The <a title=\"Android bank app users targeted in sophisticated cybercrime attack\" href=\"http:\/\/www.abc.net.au\/news\/2016-03-10\/cybercriminals-target-millions-of-bank-app-users\/7237220\">malware is spread<\/a> via compromised websites and messages urging users to download the fake Flash \u00a0Player.<\/p>\n<p>It is important that Android users only download applications from trusted sources such as Google Play. Eset has <a title=\"Android banking trojan masquerades as Flash Player and bypasses 2FA\" href=\"http:\/\/www.welivesecurity.com\/2016\/03\/09\/android-trojan-targets-online-banking-users\/\">published a \u00a0technical analysis<\/a> of the \u00a0threat along with \u00a0instructions for removing the malware should your phone be infected.<\/p>\n<div align=\"center\">\n<script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js\"><\/script><br \/>\n<!-- HS Net Bottom AdLinks --><br \/>\n<ins class=\"adsbygoogle\"\n     style=\"display:block\"\n     data-ad-client=\"ca-pub-0355887770822260\"\n     data-ad-slot=\"1358951439\"\n     data-ad-format=\"link\"><\/ins><br \/>\n<script>\n(adsbygoogle = window.adsbygoogle || []).push({});\n<\/script><\/div>\n<p class=\"date\">Last updated: March 14, 2016<br \/>\nFirst published: March 14, 2016<br \/>\nBy Brett M. Christensen<br \/>\n<a class=\"foot\" href=\"http:\/\/www.hoax-slayer.com\/about.shtml\">About Hoax-Slayer<\/a><\/p>\n<p class=\"ref\">References<br \/>\n<a title=\"Malware hijacks big four Australian banks' apps, steals two-factor SMS codes\" href=\"http:\/\/www.smh.com.au\/technology\/consumer-security\/malware-hijacks-big-four-australian-banks-apps-steals-twofactor-sms-codes-20160309-gnf528.html\">Malware hijacks big four Australian banks&#8217; apps, steals two-factor SMS codes<\/a><br \/>\n<a title=\"Android bank app users targeted in sophisticated cybercrime attack\" href=\"http:\/\/www.abc.net.au\/news\/2016-03-10\/cybercriminals-target-millions-of-bank-app-users\/7237220\">Android bank app users targeted in sophisticated cybercrime attack<\/a><br \/>\n<a title=\"Android banking trojan masquerades as Flash Player and bypasses 2FA\" href=\"http:\/\/www.welivesecurity.com\/2016\/03\/09\/android-trojan-targets-online-banking-users\/\">Android banking trojan masquerades as Flash Player and bypasses 2FA<br \/>\n<\/a><a title=\"Android Trojan Targets Customers of 20 Major Banks\" href=\"http:\/\/www.eset.com\/int\/about\/press\/articles\/malware\/article\/android-trojan-targets-customers-of-20-major-banks\/\">Android Trojan Targets Customers of 20 Major Banks<\/a><a title=\"Android banking trojan masquerades as Flash Player and bypasses 2FA\" href=\"http:\/\/www.welivesecurity.com\/2016\/03\/09\/android-trojan-targets-online-banking-users\/\"><br \/>\n<\/a><a title=\"Malware Threat Articles\" href=\"http:\/\/www.hoax-slayer.com\/malware-threat-articles.shtml\">Malware Threat Articles<\/a><\/p>\n<p>&nbsp;<\/p>\n<p><\/br><\/br> Original Source : <a href=\"https:\/\/www.hoax-slayer.net\/sophisticated-malware-attack-hijacking-australian-banking-apps-on-android-phones\/\" target=\"_blank\">https:\/\/www.hoax-slayer.net\/sophisticated-malware-attack-hijacking-australian-banking-apps-on-android-phones\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Brief Analysis: Cybercriminals are targeting customers of several Australian banks who use banking apps on Android phones \u00a0to access their accounts. The attack is perpetrated via sophisticated malware that can hijack the genuine bank apps on the phones, thereby stealing account login details and even two factor authentication codes. \u00a0The malware is getting on to [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":6890,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-2882","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hoax-inggris"],"_links":{"self":[{"href":"http:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/posts\/2882"}],"collection":[{"href":"http:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2882"}],"version-history":[{"count":0,"href":"http:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/posts\/2882\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/media\/6890"}],"wp:attachment":[{"href":"http:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2882"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2882"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2882"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}