All the latest UK technology news, reviews and analysis


Windows banking Trojan jumps to target Android

23 Jan 2014
Android logo

Malware capable of infecting Android handsets using Windows PCs and laptops has been uncovered targeting developers.

Security response manager at Symantec Alan Neville told V3 the malware is atypical as it uses a two-stage attack process to jump from Windows PCs to Android handsets.

"It starts with a Trojan that when executed creates a new service on a Windows machine," he said. "It then targets Android devices that connect on USB. It uses the Android debugging bridge to deliver the Fakebank Trojan."

Fakebank is a notorious Trojan designed to take victims' financial data. Neville explained: "It looks for a specific set of Korean banking applications. If these are found the Trojan asks the user to install an update. When this notification is clicked it actually downloads a malicious version of the app."

Neville added that the Trojan is particularly nasty as it also has remote SMS message-monitoring capabilities. He said the complex nature of the attack indicates that the campaign is designed to target developers.

"The attack uses a new method that is quite complex. Because it uses the Android Debug Bridge, a mode that requires the user to activate it before connecting it via USB, its reach is quite limited and it is only really a threat to people like developers," he said.

F-Secure security analyst Sean Sullivan agreed, arguing that while the infection method is atypical, the more concerning element is the way the malware dupes users to download the malicious payload.

"Banking Trojans have been cross-platform for a while now, but not via a connected cable. They've used social engineering, injecting a request for phone model or number into the compromised Windows-based banking session," he told V3.

"To me, the more worrying thing about this particular Korean campaign is that the malicious app is prompting victims to replace mobile banking apps with counterfeits."

Trojans are a growing problem facing Android users. Thanks to the platform's open nature it is fairly easy for criminals to target Android, letting them load and distribute malicious applications onto third-party stores without scrutiny.

Cisco estimated that 99 percent of all mobile malware is designed to target the Android ecosystem in its latest threat report, released earlier in January.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Alastair Stevenson
About

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.

View Alastair's Google+ profile

More on Security
What do you think?
blog comments powered by Disqus
Poll

Windows 7 end of mainstream support

What are your plans for when Microsoft ends mainstream support for Windows 7 in January 2015?
10%
9%
3%
64%
14%

Popular Threads

Powered by Disqus
LG G3 in gold black and white

LG G3 vs Galaxy S5 video

We pit the two Korean firms' flagship smartphones against each other

Updating your subscription status Loading
Newsletters

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button
hpv3may

Getting started with virtualisation

Virtualisation can help you reduce costs, improve application availability, and simplify IT
management. However, getting started can be challenging

ibmv3may

Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

First Line Support Technician - Poole, Dorset

TribePost Ltd are working on behalf of Oak Telecom...

[Mandarin] Technical Support

The Role We are looking for highly motivated, technically...

JavaScript Developer

Developer (Javascript) London £40,000 Reporting...

Experienced Project Manager

Our award winning and highly successful client is seeking...
To send to more than one email address, simply separate each address with a comma.