Other popular apps like Amazon Shopping, 365Scores, PokerStars Live, eBay, Amazon for Tablets, and Western Union US have also been targeted by the said trojan. FakeApp is a known Android malware app that has been hijacking phones to insert ads and steal information since 2012, according to ZDNet.
Banking apps of lenders including Axis Bank, HDFC Bank, ICICI Bank, IDBI Bank and Union Bank are among those vulnerable. The list also included mobile passbook apps such as IDBI Bank mPassbook and Baroda mPassbook.
Symantec's advice is, predictably, not to download apps from anywhere except the Google Play store and to use anti-malware protection on your Android device. Even if a user initially denies admin access, the app continues throwing pop-up windows until the user accepts.
After the completion of app installation, the icon will not appear to the users even though he/she taps on it. In the background, the app carries out malicious tasks-it keeps checking the installed app on the victim's device and particularly looks for 232 apps (banking and some cryptocurrency apps). As soon it finds one of the targeted apps, it starts sending fake notifications which resemble the ones from the targetted apps.
Capcom has shared the development status of the Monster Hunter World
Capcom's livestream lasted about an hour and detailed what the community should expect before, during and after launch week. PS4 owners have one more beta before Monster Hunter: World hits consoles on January 26.
If anyone of the targeted apps is found on the infected device, the malware will throw up a fake notification screen that leads the user to a login screen, both created to mimic the original app. This enables the attackers to bypass SMS-based two-factor authentication on the victim's bank account (OTP).
What makes the malware particularly risky is that even if the user denies permission or administrative right or tries to kill the process on the device, "it keeps throwing continuous pop-ups until the user activates the admin privilege", said Mane. It will then ask for login credentials masked as that banking application. The public relations contact said that systems were already in place to help users "detect and block" unauthorised login attempts using hijacked passwords.
As a precaution, Quick Heal has warned Android users to avoid downloading apps from third-party sources or from links sent via text messages or emails. "Always keep your device OS and mobile security app up-to-date", the IT security firm said.
Because this phishing technique requires consumers to first download a malicious app from outside the official Play store, we recommend only downloading apps from trusted sources.