Trojan: Anubis as it moves

Trend Micro researchers have discovered a banking Trojan called Anubis on Google Play and motion-sensitive malware.
Recently, especially the number of malicious software for mobile devices has increased. Trend Micro researchers have discovered two malicious banking software on Google Play that is likely to spread to large masses of users. These two applications, called Currency Converter and BatterySaverMobi, which have many advantages for apparently online banking users, were soon removed from Google Play.

BatterySaverMobi, which is stated to help save battery usage, was downloaded 5 thousand times before the application was removed. Most of the comments about the application, which received a high score of 4.5 from 73 users, were anonymous and did not reflect the truth.

Through the Currency Converter and BatterySaverMobi applications, which help to turn currencies, attackers are stored here by accessing the user's device and sensors. When users move their devices, trojan is activated with data from the motion sensor. Attackers are tracking devices through these sensors, and when they determine the motion, they install the banking Trojan Anubis through the Android Application Package and with the fake system update message. However, the application does not detect any movement does not activate the Trojan.

A key recorder, which is included in the application, uses two different ways to get the banking information by taking a screenshot of the malware while secretly recording the keys. In other words, your bank password is saving this information when you key in your credentials. In addition, the attacker can access the contact list, location information on the device via the Trojan, record conversations, send SMS, search, and infiltrate external storage. In this way, attackers can transmit malware to other devices and users by spam messages and fake calls. Researchers say that Anubis can also work as ransomware.

Trend Micro Mediterranean Region Technical Team Manager says that the latest active version of Anubis is already spreading to 93 countries and trying to infiltrate the account information associated with 377 financial applications. "Mobile security vulnerabilities can cause serious harm to many users, because devices store a lot of information and are connected to many different accounts. Users have to be very careful with applications that demand information about banking transactions. they must be sure

Posted using Partiko Android