WELCOME TO EHOST.COM.NP

Tuesday, November 21, 2017

BankBot Trojan in Play Store Targeted Wells Fargo, Chase and Citibank Customers

           Add Comments   

ads space

Most experts will tell you that it’s a good idea to install Android applications from the Play Store rather than third-party sources. Google does a ton of work to keep the Play Store safe. Still, it’s impossible for anyone, including Google, to stay ahead of attackers all the time. So every once in a while, malicious applications sometimes make their way into the Play Store — most recently a mobile banking trojan, BankBot, that targeted Wells Fargo, Chase and Citibank customers.

More than once this year, security researchers discovered variations of the BankBot in Play Store downloads. The trojan’s been known to target users of banking apps including Wells Fargo, Chase, DiBa and Citibank who live in the U.S., Australia, Germany, Netherlands, France, Poland, Spain, Portugal, Turkey, Greece, Russia, Dominican Republic, Singapore and Philippines, and it works by laying a fake login interface over legitimate apps and intercepting login credentials.

Each time BankBot has been spotted and reported to the Play Store team, Google has been swift to take it down. But a harder-to-detect version uncovered with the help of security analysts at Avast, ESET and SfyLabs escaped notice until November 17, giving it time to infect thousands of users.

The new version of BankBot was found hiding in applications like Tornado FlashLight, Lamp For DarkNess, and Sea FlashLight on October 13. According to the researchers who discovered it, its programmers were able to circumvent the Play Store’s security scans by publishing BankBot-infected apps under multiple accounts and delaying execution of its malicious code for two hours after users granted it device administrator rights.

It can be difficult to protect against clever banking trojans like BankBot, but the folks at Avast have a few tips. They suggest checking an application’s Play Store ratings before downloading it, paying attention to its permissions requests, and denying it device administrator privileges unless it absolutely needs them. Next time you’re browsing the Play Store for apps, keep those in mind.

Source: Avast Blog

ads space

 

ADS SPACE

0 comments:

Post a Comment

Categories

Article How-to All Posts WordPress Android Web design Blogger Plugins CSS Google JQuery Plugins Programming Reviews Web Hosting Blogger Blogging Blogging Tips Tricks Web Development Facebook Git Internet Make Money Online Social Plugins Tips Tips and Tricks Tools Tutorials Windows WordPress Plugins Blogging Tips and Tricks Freebies GSM Google Analytics HTML How To's JavaScript Plugin Development S.E.O SEO SMS SmartPhone Social Media Tips amp; Tricks Top-Most Updates Webmaster Tools Whatsapp Applications Apps Blogger Basics Documentary Downloads Entertainment Gadgets Games Gmail Google AdSense Guest Post IPhone Make Money Blogging SVN Security Softwares Web Hosting Tips and Tricks Wordpress Tips Wordpress Tips and Tricks hostgator iOS Advertising Networks Advertising Technology Affiliates Antivirus Audience amp; Traffic Biography Blog post Blog post Blogger Blogger Errors Blogger Tips Blogger Tools Blogger Widget Blogosphere Bogger Widgets CSS selectors CSS symbols CSS3 Computer amp; Internet Content Writing Coupon Codes Data amp; Analytics Deleted blog Design DoubleClick for Publishers Email and newsletter marketting Email marketing Excel Tips Excel Tips and Tricks Facebook Tricks Feed Feedburner Feedburner subscribers Font Fun GitHub Giveaways Gmail primary inbox Gmail tabs Google sign-in Guides HTML amp; CSS HTML5 Infographics Inspirational Instagram Internet Marketing Internet Tips amp; Tricks Job Listings Knowledge Life Hacks Lists Make-Money Monetization amp; Conversion Monetize Navigation Online Marketing Other PHP Tutorials Passport Publishing amp; Content Quotes RSS Sidebar Smartphones Social Networking Status Tech Tech Blog Technology Telegram Themes UI / UX User Psychology amp; Research VB.Net Web Tools Web browser Widget Windows Tips Windows-10 ad viewability admin notice blogging tools bluehost cherry-pick clone cors custom scrollbar customizer dismissible notices duplicate post feed title git branch git clone gpg gpg2 hybridauth iPad icon font notice responsive wordpress theme same origin policy scrollbar signed git commit smartsvn theme customizer vcs wordpress theme wordpress themes

Blog Archive

Contact Form

Name

Email *

Message *

Copyright © Sync Media