Quick Heal finds trojan imitating banking, cryptocurrency apps

Cyber security solutions firm Quick Heal today said it has spotted an Android banking trojan that imitates over 232 apps, including those offered by Indian banks, and steals user data.
The malware known as Android.banker.A2f8a is being distributed through a fake Flash Player app on third-party stores, Quick Heal said in a statement.
After downloading the app, the trojan keeps checking for the installed apps on the victim's device and particularly looks for the 232 banking and cryptocurrency apps, it added.
Once any of the targeted apps is found on the device, the app shows fake notifications disguised as coming from the targeted app and asks users to log in with their credentials and ultimately, tricks them by stealing their login ID and password.

"Users are advised to avoid downloading apps from third party app stores or links provided in SMS and e-mails to keep their credentials safe," Quick Heal Technologies Joint Managing Director and Chief Technology Officer Sanjay Katkar said.
He also advised users to install reliable mobile security solutions that can detect and block malicious apps before they infect device and steal sensitive data.