ESET reported about stealing banking passwords app in Google Play

Photo: Pavel Smertin / TASS

Russian hackers

Denmark has accused Russia of hacking for two years
Yesterday, 03:22

The media learned about the role of London in the investigation of relationships trump with Russia
13 APR, 21:12

32 material

Specialists from the laboratory of ESET, specializing in the development of antivirus software, found in Google Play app that steals passwords from mobile banking and social networking. The Trojan is disguised as a flashlight app

Developer of antivirus software ESET reported the discovery in Google Play Android Trojan/Charger that is disguised as a flashlight app LED Flashlight Widget. The message of the company with a description of the Trojan is at the disposal of RBC.

The program asks the owner of the smartphone, the device administrator rights and permission to open Windows on top of other applications. “The virus then sends a command to the intruders’ server device information, including the list of installed applications and the holder’s photograph made the front camera,” — said in a statement.

System failure: Russian hackers in US prisons

After this, if the user opens on the device the app is mobile banking or social networking, the screen shows a fake window for data entry, and all entered passwords or credit card data are sent to the attackers. In addition, the Trojan can block the device’s screen displaying a message about downloading updates. This technique, according to experts of ESET, used in the theft of funds from the account, so attackers block the mobile so that the user failed to take action after noticing “suspicious activity”.

Photo gallery
Russian hackers attack JP Morgan, Nasdaq, Carrefour and millions of passwords

Russian authorities suspected of working together with hackers since the DDoS attack on Estonia in 2007. In the spring of that year, the authorities decided to move from the center of Tallinn the monument to Soviet soldiers and…

Show 5 photos

In this case, said the company-developer of antivirus software, if the infected device is located on the territory of Russia, Belarus or Ukraine, the virus is deactivated. ESET have suggested that in this way the creators of this Trojan are trying to avoid criminal prosecution in the countries where they allegedly reside.

In the study, ESET observed the interception of passwords Commbank, NAB and Westpac Mobile Banking, as well as Facebook, Instagram, and Google Play, however, the company pointed out that the creators of Trojan programs can “retarget” him almost any application.

Be the first to comment

Leave a Reply