April 23, 2014
It’s about a bot It can capture SMS messages, redirect incoming voice calls, or capture audio using the device’s microphone. In addition, it seeks to enter the administrators of the device making it difficult to uninstall
ESET Research Laboratory detected iBanking, a malicious app for android which, when installed in a mobile phone, is capable of spying on the communications developed in it. East bot it has the ability to intercept incoming and outgoing SMS messages, redirect calls, and even capture audio from the device’s microphone.
This application was for sale on underground forums and was used by various banking Trojans with the aim of bypassing the two-factor authentication method on mobile devices. Within the financial world, this method is called “mobile transaction authorization number” (mTAN in English for “Mobile transaction authorization number”) Or mToken, and is used by several banks in the world to authorize banking operations, but it is being increasingly used by Internet services such as Gmail, Facebook and Twitter.
The way iBanking is installed is quite common, but it is the first time that a mobile application has been observed that is targeting Facebook users for fraud. Although Facebook’s double factor authentication has been around for some time, it may be that an increasing number of people are starting to use it, making account theft through traditional methods ineffective. It can also be a good way to make the user install iBanking on their phone, so that the botmasters can use the other spying capabilities of the malware.
iBaking is detected by ESET as Android / Spy.Agent.AF, and it is an application that exhibits complex features compared to previous mobile banking malware.
[+] Videos de nuestro canal de YouTube