Sophisticated banking malware targets Android users
Android smartphones have become a popular target for criminal hackers looking to steal personal information and break into bank accounts.
Now,听researchers at the听Slovakian security firm ESET say they've听discovered a听new strain of malicious Android software called Spy.Agent.SI that could be particularly dangerous to users.
The malware, targeting 20 of the largest banks听in New Zealand, Australia, and Turkey,听locks up the device's screen unless users give up their login credentials. The malware can also听capture text authentication codes sent out by banks 鈥 compromising two-factor authentication.听
Hackers disguised the听malware听as a version of Adobe听Flash Player, a widely听used tool听that runs听video and animations on听Internet browsers. As with most malicious tools that target听Android devices, Spy.Agent.SI only impacts users听that听download their software from unofficial third-party mobile application stores instead of Google Play.
Once downloaded,听Spy.Agent.SI听prompts听the user to grant it access that makes it hard to uninstall the malware. It then collects and sends a slew of information about the Android phone to an external computer controlled by hackers,听including the name of every听application installed on the device.听
If the user has a mobile app from听from one of the 20 banks targeted by Spy.Agent.SI, the malware serves up a fake login page, disguised to capture login credentials and send them听to another computer 鈥 where they听can be used to steal money from bank accounts.
Though hackers designed听the malware to go after customers in听Australia, New Zealand, and Turkey 鈥 Spy.Agent.SI听could be easily tweaked to target customers of any bank in the world.
Spy.Agent.SI is one of thousands of increasingly sophisticated Android hacking tools that have surfaced over the past few years. Android鈥檚 enormous popularity 鈥 more than of the world鈥檚 smartphones run the Google operating system 鈥 has made it a prime target for attackers looking to steal identity information and other data.听According to a recent Hewlett-Packard听survey, criminals听only target one operating system 鈥撎齅icrosoft's Windows platform 鈥撎齧ore than听Android.听
Malicious attacks on Android smartphones and tablets accounted for 18 percent of all cybercrime last year compared to about 42 percent for Windows, according to HP. Even more worrying, attacks against Android are growing much faster than most other platforms.
Jon Oltsik, an analyst at the Enterprise Security Group, says there are several reasons why Android has become such a popular target for hackers. Unlike听the iPhone鈥檚 iOS software, which is completely controlled by Apple, Android's open source code is publicly available听to inspect and build upon. 鈥淭he bad guys can pull it apart, find its weaknesses, and exploit them more easily,鈥 Mr. Oltsik said.
"Second, the Android installed base is huge, much bigger than iOS," he said. "Third, vendors have different versions of Android and don鈥檛 always distribute patches in a timely manner."
Android also has a much larger user base than iOS, Oltsik said, and vendors often fail to deliver software patches quickly, giving hackers more leeway to exploit customers, especially in Asia, where users use smartphones for online banking more than desktops.
"So if you want to steal user credentials," he said, "you attack Android."
听
