Researchers at IT security firm ESET have warned of the emerging threat of fake banking apps.
Research on the malware landscape for Android operating systems found that that cyber criminals have developed mobile banking malware that impersonates legitimate finance apps to obtain victims’ credentials, before stealing money from their bank accounts.
The analysis said that “while technically far from advanced”, these banking apps, which overlay mobile app platforms, have strategic advantages for criminals, meaning they are almost as effective at more sophisticated “Trojan horse” forms of malware hacks aimed at stealing money from unsuspecting consumers.
If users fall for the impersonation and install a fake banking app, there is a high chance they will treat the login screen displayed by the app as legitimate and submit their credentials, the researchers found.
Furthermore, contrary to banking Trojans, there are no intrusive permission requests to raise the users’ suspicion after installation.
Lukáš Štefanko, ESET malware researcher, said: “Our analysis of the two types of banking malware - both of which have previously been discovered in the official Google Play store - has shown that the simple operation of fake banking apps comes with certain advantages that the feared banking Trojans don’t have.
“While banking Trojans have long been regarded as a serious threat to Android users, fake banking apps have sometimes been overlooked due to their limited capabilities,” he concluded, adding that these apps could be just as valid a strategy for “emptying bank accounts as banking Trojans”.
Latest News
-
Financial institutions prepare for expansion as 55% expect business growth
-
Spanish bank BBVA tells wealthy clients to invest in Bitcoin and cryptocurrencies
-
Unzer joins European Payments Initiative to support Wero rollout
-
British Business Bank partners with Avellinia Capital to boost funding for UK FinTech lenders
-
Spain's Banco Sabadell explores sale of TSB
-
Klarna launches AI-powered hotline featuring CEO avatar
Banking's GenAI evolution: Beyond the hype, building the future
In the first episode of a three-part video podcast series sponsored by HCLTech, Sudip Lahiri, Executive Vice President & Head of Financial Services for Europe & UKI at HCLTech explores how financial institutions can navigate the transformative potential of Generative AI while building lasting foundations for innovation.
Beyond compliance: Transforming document management into a strategic advantage for financial institutions
In this exclusive fireside chat, John Rockliffe, Pre-Sales Manager at d.velop, discusses the findings of Adapting to a Digital-Native World: Financial Services Document Management Beyond 2025 and explores how FSIs can turn document workflows into a competitive advantage.
Sanctions evasion in an era of conflict: Optimising KYC and monitoring to tackle crime
The ongoing war in Ukraine and resulting sanctions on Russia, and the continuing geopolitical tensions have resulted in an unprecedented increase in parties added to sanctions lists.
Achieving operational resilience in the financial sector: Navigating DORA with confidence
Operational resilience has become crucial for financial institutions navigating today's digital landscape riddled with cyber risks and challenges. The EU's Digital Operational Resilience Act (DORA) provides a harmonised framework to address these complexities, but there are key factors that financial institutions must ensure they consider.
© 2019 Perspective Publishing Privacy & Cookies
Recent Stories