Tuesday, January 19, 2016

Android.Bankosy – Scary banking malware for Android – Pplware

For some time nobody has talked about innovations in malware in the Android world, but in fact the development of powerful malware schemes is common practice on most mobile operating systems.

According to Symantec, Android.Bankosy is a complex banking malware that defeats the two-factor authentication system on Android, and you cannot imagine how it does it!



If there are “a thousand developers” building security, there are certainly a million trying to dethrone that same security. This reality has accompanied technological security systems (and others) since the world began.



Android.Bankosy

It seems that the malware “manufacturers” have now increased their power to break security on Android with Android.Bankosy, a malware strain that can essentially break the security layer provided by a voice-based two-factor authentication system.


At the end of 2015 we saw an increase in the number of Trojans designed specifically to attack financial institutions and sensitive data. The security vendor Symantec not only discovered and investigated some of these Trojans, but also found and identified the Android.Bankosy strain mentioned above, which added features that let it fool the two-factor authorization used in voice calls in the banking system.

How does Android.Bankosy attack?

Using voice as part of a two-factor authorization system is relatively new in the banking sector, and it is not yet in general use across the whole world.

Historically, banks have used SMS to provide users with a one-time password (OTP) as the second factor in the two-factor authentication process, which is, incidentally, common practice in online banking services in Portugal. However, a number of institutions decided to deliver that password through an automated voice call instead, a feature that was considered safer than the previous one, in theory, by those who advise banks on security mechanisms.

What is happening is that Android.Bankosy can intercept the voice call and effectively collect the transmitted data.


It’s really ironic that this feature was, after all, introduced with the idea of “improving the security” of the process.

To improve the security of OTP (one-time password) delivery, some financial organizations started delivering OTP through voice calls instead of SMS. Once the malware is installed on the victim’s device, it opens a backdoor, collects a list of system-specific information, and sends it to the command and control server to register the device and then get a unique identifier for the infected device. If the registration is successful, it uses the received unique identifier to further communicate with the C&C server and receive commands.

Dinesh Venkatesan, Symantec

How can Android users defend against this malware?

For this attack or others like it, there is an important good practice: keep your operating system always updated, and keep your apps updated as well. Another important practice is to pay attention to where you install apps from, always using the Play Store and never lowering the protective measures, and to be attentive to the permissions that apps request; if you are wary of something, it is better not to risk it. If you close your eyes when you accept the terms … you may be falling for a deception.

Symantec Blog
