Sophisticated banking malware targets Android users
Researchers have discovered malicious software targeting online banking customers that use Android smartphones and tablets, the latest indication of a surge in attacks against the platform.
Android smartphones have become a popular target for criminal hackers looking to steal personal information and break into bank accounts.
Now, researchers at the Slovakian security firm ESET say they've discovered a new strain of malicious Android software called Spy.Agent.SI that could be particularly dangerous to users.
The malware, targeting 20 of the largest banks in New Zealand, Australia, and Turkey, locks up the device's screen unless users give up their login credentials. The malware can also capture text authentication codes sent out by banks – compromising two-factor authentication.
Hackers disguised the malware as a version of Adobe Flash Player, a widely used tool that runs video and animations on Internet browsers. As with most malicious tools that target Android devices, Spy.Agent.SI only impacts users that download their software from unofficial third-party mobile application stores instead of Google Play.
Once downloaded, Spy.Agent.SI prompts the user to grant it access that makes it hard to uninstall the malware. It then collects and sends a slew of information about the Android phone to an external computer controlled by hackers, including the name of every application installed on the device.
If the user has a mobile app from one of the 20 banks targeted by Spy.Agent.SI, the malware serves up a fake login page, disguised to capture login credentials and send them to another computer – where they can be used to steal money from bank accounts.
Though hackers designed the malware to go after customers in Australia, New Zealand, and Turkey, Spy.Agent.SI could be easily tweaked to target customers of any bank in the world.
Spy.Agent.SI is one of thousands of increasingly sophisticated Android hacking tools that have surfaced over the past few years. Android's enormous popularity – more than 82 percent of the world's smartphones run the Google operating system – has made it a prime target for attackers looking to steal identity information and other data. According to a recent Hewlett-Packard survey, criminals only target one operating system – Microsoft's Windows platform – more than Android.
Malicious attacks on Android smartphones and tablets accounted for 18 percent of all cybercrime last year compared to about 42 percent for Windows, according to HP. Even more worrying, attacks against Android are growing much faster than most other platforms.
Jon Oltsik, an analyst at the Enterprise Security Group, says there are several reasons why Android has become such a popular target for hackers. Unlike the iPhone's iOS software, which is completely controlled by Apple, Android's open source code is publicly available to inspect and build upon. "The bad guys can pull it apart, find its weaknesses, and exploit them more easily," Mr. Oltsik said.
"Second, the Android installed base is huge, much bigger than iOS," he said. "Third, vendors have different versions of Android and don't always distribute patches in a timely manner."
Android also has a much larger user base than iOS, Oltsik said, and vendors often fail to deliver software patches quickly, giving hackers more leeway to exploit customers, especially in Asia, where users use smartphones for online banking more than desktops.
"So if you want to steal user credentials," he said, "you attack Android."