Android, being open source and all, is a prime target for makers of malicious software, and even though Google’s ubiquitous mobile platform has become more and more secure through the generations, it still seems to encounter unwanted threats more frequently than iOS or Windows Phone. A new strain spotted by Russian security experts threatens more than 500,000 Android users by taking advantage of the way some banks process information through SMS, and with the ability to assume almost full control of an afflicted device, it’s actually rather dangerous.
Group-IB, based in Russia, has spotted this new malware, which can completely take over an Android smartphone or tablet once installed, and utilize cunning social engineering techniques to draw users in. As Group-IB’s head of botnet intelligence Nikita Kislitsin notes, "the criminals come up with new social engineering techniques to trick people," and "try to mimic software updates to well-known software applications or plugins."
With the Google Play Store even having been faked in this phishing-like scam, many users could easily be fooled, and the ultimate purpose of the ploy is to access a user’s SMS messages containing banking info.
When a bundle of information is acquired about an individual’s money situation and banking behavior, the fraudsters can then determine how useful a potential victim is, and take action accordingly.
Although users in the U.S., Europe and Russia have been affected by the malware, it’s the latter nation facing the biggest fear. Given that an overwhelming majority of Russian banks use SMS to deliver sensitive banking-related data, this should come as no surprise, but even if you don’t process any transactions or money-related data through your Android device, you can not afford to be complacent.
The untraceable app can also access personal info like contacts and pictures, and with some 541,000 devices affected, this is one of the more severe outbreaks we’ve seen this year on Android.
Those worried should go ahead and install an anti-virus software from one of the reputable names in the industry. Additionally, always try and stick with the original, official Google Play Store rather than downloading and installing apps from sketchy, third-party alternatives that tend to harbor these kinds of malicious bugs.
You may also like to check out: