wordpress blog stats
Connect with us

Hi, what are you looking for?

Android malware disguises itself as Flash Player, targets banking apps


Twelve Indian banks’ customers are at risk as security researchers have spotted a malicious Android malware that steals banking information from users’ phones. A blog by Quick Heal Security Labs has brought to notice the existence of this malware named ‘Android.banker.A9480’ that targets over 232 banking, cryptocurrency and e-commerce apps.

The malware has the ability to steal login credentials, hijack SMSs, access contact lists and upload them to a server. It is also able to display an overlay on top of your existing apps and capture user inputs from that.

Targeted banking apps in India include:

  • axis.mobile (Axis Mobile)
  • snapwork.hdfc (HDFC Bank MobileBanking)
  • sbi.SBIFreedomPlus (SBI Anywhere Personal)
  • hdfcquickbank (HDFC Bank MobileBanking LITE)
  • csam.icici.bank.imobile (iMobile by ICICI Bank)
  • snapwork.IDBI (IDBI Bank GO Mobile+)
  • idbibank.abhay_card (Abhay by IDBI Bank Ltd)
  • com.idbi (IDBI Bank GO Mobile)
  • idbi.mpassbook (IDBI Bank mPassbook)
  • co.bankofbaroda.mpassbook (Baroda mPassbook)
  • unionbank.ecommerce.mobile.android (Union Bank Mobile Banking)
  • unionbank.ecommerce.mobile.commercial.legacy (Union Bank Commercial Clients )

The malware also targets a multitude of apps from international banks, cryptocurrency wallets, Amazon Shopping app, eBay and AirBnB among others.

 It’s all Flash’s fault… kind of

The infection is designed and distributed as a Trojan. Like the wooden horse from Greek mythology, the malware is disguised as a legitimate app. Android.banker.A9480 is distributed through third-party app stores disguised a Flash Player app. The legitimate Flash Player, despite its own questionable history with internet security, is widely used by millions to access various web applications.

Once an unassuming user installs the malicious app, it will ask the users to activate administrative rights. If the user tries to deny the request the app will keep throwing continuous pop-ups until admin rights are given.

Advertisement. Scroll to continue reading.

After the initial setup, the app runs in the background and looks for 232 particular apps (mostly banking and some cryptocurrency apps).

If anyone of the targeted apps is found on the infected device, the malware will throw up a fake notification screen that leads the user to a login screen, both designed to mimic the original app. From here the app can easily steal the user’s banking ID and passwords.

How to stay safe

  • A great rule of thumb with technology is if you don’t know what the hell you are doing, don’t do it.
  • That includes enabling developer options and installation from ‘Unknown Sources’.
  • Avoid using third-party app stores and installing unknown APK files on your phone.
  • As an extra precaution, go through the list of permissions every app requests from you during installation. If there’s something there that’s it shouldn’t need, like access to contacts lists and ability to read messages be on guard.

Written By

Writes about consumer technology, social media, digital services and tech policy. Is a gadget freak, gamer and Star Wars nerd.

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



The DSCI's guidelines are patient-centric and act as a data privacy roadmap for healthcare service providers.


In this excerpt from the book, the authors focus on personal data and autocracies. One in particular – Russia.  Autocracies always prioritize information control...


By Jai Vipra, Senior Resident Fellow at Vidhi Centre for Legal Policy The use of new technology, including facial recognition technology (FRT) by police...


By Stella Joseph, Prakhil Mishra, and Yash Desai The Government of India circulated proposed amendments to the Consumer Protection (E-Commerce) Rules, 2020 (“E-Commerce Rules”) which...


By Rahul Rai and Shruti Aji Murali A little less than a year since their release, the Consumer Protection (E-commerce) Rules, 2020 is being amended....

You May Also Like


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ