New Android Banking Trojan Can Steal 1000 Euros From PayPal Accounts
Unfortunately, Android devices are no stranger to malware and general security problems, and it’s something that isn’t likely to change any time soon. While Android is by no means the only platform with a security issue, it does have more than its fair share in the mobile world.
The latest to crop up, shared by security firm ESET, comes in the form of a Trojan that targets the PayPal app, removing 1000 Euros from their accounts.
While the Trojan does also have some additional tricks that it can play on users – you can read them all in the full ESET blog post – the fact that it can dip into a user’s PayPal account is the most obviously worrying and, because of the way it works, the most surprising.
According to ESET, the Trojan is installed via a supposed battery management app that can be found on third-party stores. Once run, the app immediately crashes and removes its icon. From here, a user is asked to enable a seemingly nondescript accessibility service, which gives the Trojan a way of interacting with the screen. That sets things up for the kicker; users are then sent a PayPal notification, urging them to open the app and log in. When they do so, the accessibility service allows the Trojan to take over, tapping buttons and entering amounts as it goes. The whole thing takes a few seconds, and is almost impossible to stop once underway.
Because a user logs in prior to the Trojan taking control, this will impact users who have two-factor authentication enabled as well as those who don’t, which makes matters even worse.
If you’re an Android user, it’s well worth reading the full rundown of what this Trojan is capable of, if only to remind everyone that enabling accessibility services they don’t know is a bad idea.