IBM X Force has unearthed a new Android malware campaign dubbed “Anubis threat” that spreads via fake Google play store apps. The banking trojans are majorly found in apps that promise offers services such as online shopping and stock market monitoring. The developers of the malware require a large investment of resources for the campaign, and hence it was targeted for users of Google Play.
But now a question arises now was the Trojan able to bypass the Google Play security controls? The developers have altered the code, and also they have not preloaded the trojan on the fake apps. Instead, the apps are infected with a grey area malware called Downloader. The downloaders are popular among cybercriminals, and they simply download and installs the software. The malware has been designed to steal the passwords and other critical login credentials of banking apps and e-wallets, credit cards and other payment methods.
Currently, the malware targets Turkish users, but may it not take much time to target users in other countries. The users in countries like U.S, Germany, France, Australia, Newzealand, China, Spain, U.K, Germany and Japan are also under the radar. IBM X Force identified Canli Borsa and Sahibinden apps with malware downloaders. The researchers also observed the evolution of the malware code over time indicating they are maintaining the malware campaign on a regular basis. Further, IBM researchers also suspect that the cybercriminals might have monetised the malware campaign. Earlier, the malware campaigns are primarily targeted at PC users but now the spread of the campaigns across mobile users is an increased risk factor.
Always on the move with the latest happenings in the field of technology and health. When I am not writing, you can find me listening to the latest chartbusters. Also being a sports geek, I always keep a close eye on all the latest happenings.
