IBM X Force has unearthed a new Android malware campaign, dubbed the “Anubis threat”, that spreads via fake apps on the Google Play store. The banking trojans are mostly found in apps that promise services such as online shopping and stock market monitoring. The campaign requires a large investment of resources from the malware's developers, and hence it was targeted at users of Google Play.
But a question arises: how was the trojan able to bypass the Google Play security controls? The developers have altered the code, and they have not preloaded the trojan on the fake apps. Instead, the apps are infected with a grey-area type of malware called a downloader. Downloaders are popular among cybercriminals; they simply download and install the software. The malware has been designed to steal the passwords and other critical login credentials of banking apps and e-wallets, credit cards and other payment methods.
Currently, the malware targets Turkish users, but it may not take much time to target users in other countries. Users in countries like the U.S., Germany, France, Australia, New Zealand, China, Spain, the U.K. and Japan are also on the radar. IBM X Force identified the Canli Borsa and Sahibinden apps with malware downloaders. The researchers also observed the evolution of the malware code over time, indicating that its developers are maintaining the malware campaign on a regular basis. Further, IBM researchers also suspect that the cybercriminals might have monetised the malware campaign. Earlier, such malware campaigns were primarily targeted at PC users, but their spread to mobile users is now an increased risk factor.
Here are the tips IBM researchers suggest to smartphone users to safeguard against mobile malware:
-Update your phone OS as soon as the update is available.
-Enable a screen-lock passcode to unlock your device.
-Install a security app on your device.
-Delete apps that are no longer in use, and update downloaded apps frequently.
-Do not download apps from third-party stores.
-Do not jailbreak or root the device.
-Get links to payment and banking apps directly from the service provider's website.