Jump to content

Recommended Posts

  • ExTS Admin
Posted

Security researchers from Russian firm Dr.Web have discovered a new banking trojan named Android.BankBot, which hides inside a game cheating tool for Android users.

 

Google didn't name its app store the "Play" Store for nothing because it knew very well that games would take up most of our time while on our devices, and they were right.

 

The Play Store currently harbors millions of games, from the most simple word puzzles to full-on sports simulators such as EA Madden Mobile.

 

Android.BankBot hides inside game cheating tool called HACK

 

As is with desktops, not all users are apt to play these games, and some will feel the need to cheat their way to a round's top score, or when playing against their friends.

 

The world of game cheating tools didn't stop with desktops, and there are plenty of such tools available for Android devices.

Dr.Web security researchers are now warning users not to fall victim to their pride and narcissism, and stay away from such tools.

 

The company is basing its advice on their recent discovery of a game cheating app for Android games simplistically called HACK.

 

HACK needs administrator rights to function

 

Crooks are distributing this app from third-party stores, and users who install it are immediately prompted to give it administrator rights.

 

Once it gets them, then you probably know what happens. HACK hides its icon from the home screen, fingerprints the infected device, and starts communicating with a central command server.

 

From there, crooks tell it to harvest login credentials for the user's banking apps and then instruct it to exfiltrate funds from the compromised account.

 

To go around two-factor authentication procedures, Android.BankBot can intercept and send USSD requests, SMS, and even reroute calls.

 

Android.BankBot is not as dangerous as Fanta SDK

 

Despite this, the app is not as dangerous as an Android banking trojan discovered by Trend Micro and called Fanta SDK, which, if it gets caught, locks the users device with a random PIN, in order to empty their bank account of all money.

 

Trend Micro said they found Fanta SDK on the same servers used to distribute other Android banking trojans such as ZBot.

Dr.Web also revealed that the same Web server that distributed the HACK app was spreading ZBot as well.

 

http://img.photobucket.com/albums/v708/starbuck50/cheat-tool-for-android-games-delivers-dangerous-banking-trojan-504603-3_zpsyl7kawba.png

The third - party store distributing the malicious HACK app

 

Below is a screenshot of the malicious app's required privileges, and then the app requesting administrator rights from the user.

 

http://img.photobucket.com/albums/v708/starbuck50/cheat-tool-for-android-games-delivers-dangerous-banking-trojan-504603-2_zpshngho4rz.png

HACK's installation screens

 

 

 

Source:

http://news.softpedia.com/news/cheat-tool-for-android-games-delivers-dangerous-banking-trojan-504603.shtml

Member of:

UNITE

  • Replies 0
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...