Days after it was noted that banking apps on Android smartphones maybe at risk, banks have issued warning to customers to do mobile banking in a secure manner. Malware alerts have been issued by banks following an advisory by Quick Heal Security Labs that it has detected an Android Banking Trojan. The Trojan targets 232-plus banking and finance apps.
Called Android.banker.A9480, the malware is designed to steal login credentials, hijack SMS, show fake notifications, send USSD requests and upload users’ contact lists on a malicious server.
The security bug imposes an overlay screen on top of legitimate banking apps to steal confidential user information like internet banking login ID and password. The malware app is reportedly being distributed through a fake Flash Player app.
Here are 12 Indian banking apps that were named in the study…
- axis.mobile (Axis Mobile)
- snapwork.hdfc (HDFC Bank MobileBanking)
- sbi.SBIFreedomPlus (SBI Anywhere Personal)
- hdfcquickbank (HDFC Bank MobileBanking LITE)
- csam.icici.bank.imobile (iMobile by ICICI Bank)
- snapwork.IDBI (IDBI Bank GO Mobile+)
- idbibank.abhay_card (Abhay by IDBI Bank Ltd)
- com.idbi (IDBI Bank GO Mobile)
- idbi.mpassbook (IDBI Bank mPassbook)
- co.bankofbaroda.mpassbook (Baroda mPassbook)
- unionbank.ecommerce.mobile.android (Union Bank Mobile Banking)
- unionbank.ecommerce.mobile.commercial.legacy (Union Bank Commercial Clients)