Twelve Indian banks' customers are at risk as security researchers have spotted a malicious Android malware that steals banking information from users' phones. A blog by Quick Heal Security Labs has brought to notice the existence of this malware named 'Android.banker.A9480' that targets over 232 banking, cryptocurrency and e-commerce apps. The malware has the ability to steal login credentials, hijack SMSs, access contact lists and upload them to a server. It is also able to display an overlay on top of your existing apps and capture user inputs from that. Targeted banking apps in India include: axis.mobile (Axis Mobile) snapwork.hdfc (HDFC Bank MobileBanking) sbi.SBIFreedomPlus (SBI Anywhere Personal) hdfcquickbank (HDFC Bank MobileBanking LITE) csam.icici.bank.imobile (iMobile by ICICI Bank) snapwork.IDBI (IDBI Bank GO Mobile+) idbibank.abhay_card (Abhay by IDBI Bank Ltd) com.idbi (IDBI Bank GO Mobile) idbi.mpassbook (IDBI Bank mPassbook) co.bankofbaroda.mpassbook (Baroda mPassbook) unionbank.ecommerce.mobile.android (Union Bank Mobile Banking) unionbank.ecommerce.mobile.commercial.legacy (Union Bank Commercial Clients ) The malware also targets a multitude of apps from international banks, cryptocurrency wallets, Amazon Shopping app, eBay and AirBnB among others. It's all Flash's fault... kind of The infection is designed and distributed as a Trojan. Like the wooden horse from Greek mythology, the malware is disguised as a legitimate app. Android.banker.A9480 is distributed through third-party app stores disguised a Flash Player app. The legitimate Flash Player, despite its own questionable history with internet security, is widely used by millions to access various web applications. Once an unassuming user installs the malicious app, it will ask the users to…
