Beware! This Android Trojan is targeting Indian banks’ mobile apps

Global IT security firm Quick Heal's Security Labs on Thursday said it has discovered an Android Banking Trojan that imitates more than 232 mobile apps, including those offered by Indian banks like SBI, HDFC, ICICI, IDBI and Axis, among others.

According to the researchers, the malware known as "Android.banker.A2f8a" is being distributed through a fake Flash Player app on third-party stores.

You may be interested in

MobilesTablets Laptops

28% OFF

Samsung Galaxy S23 Ultra 5G

• Green
• 12 GB RAM
• 256 GB Storage

Discounted price:₹107,999Original price:₹149,999

Buy now

Google Pixel 8 Pro

• Obsidian
• 12 GB RAM
• 128 GB Storage

₹106,998

Check details

Vivo X100 Pro 5G

• Asteroid Black
• 16 GB RAM
• 512 GB Storage

₹89,999

Check details

Apple iPhone 15 Plus

• Black
• 6 GB RAM
• 128 GB Storage

₹87,900

Check details

35% OFF

Xiaomi Pad 6

• Mist Blue
• 6 GB RAM
• 128 GB Storage

Discounted price:₹25,999Original price:₹39,999

Buy now

55% OFF

Lenovo Tab M10 5G

• Abyss Blue
• 6 GB RAM
• 128 GB Storage

Discounted price:₹20,999Original price:₹47,000

Buy now

32% OFF

Realme Pad 2

• Imagination Grey
• 6 GB RAM
• 128 GB Storage

Discounted price:₹19,668Original price:₹28,999

Buy now

Honor Pad X9

• Gray
• 4 GB RAM
• 128 GB Storage

₹14,999

Check details

21% OFF

Acer Swift Go SFG14 41 NX KG3SI 002 Laptop

• Pure Silver
• 8 GB RAM
• 512 GB SSD

Discounted price:₹58,990Original price:₹74,999

Buy now

41% OFF

Acer Aspire 5 A515 57G Laptop

• Gray
• 16 GB RAM
• 512 GB SSD

Discounted price:₹52,990Original price:₹89,999

Buy now

41% OFF

Acer Aspire 3 A315 24 NX KDESI 004 Laptop

• Silver
• 8 GB RAM
• 512 GB SSD

Discounted price:₹34,490Original price:₹57,999

Buy now

40% OFF

Asus VivoBook 15 X515JA BQ322WS Laptop

• Transparent Silver
• 8 GB RAM
• 512 GB SSD

Discounted price:₹31,350Original price:₹51,990

Buy now

After downloading the app, it keeps checking for the installed apps on the victim's device and particularly looks for the 232 banking and cryptocurrency apps.

Once any of the targeted apps is found on the device, the app shows fake notifications disguised as coming from the targeted app and asks users to log in with their credentials and ultimately tricks them by stealing their login ID and password.

"Users are advised to avoid downloading apps from third party app stores or links provided in SMSs and emails to keep their credentials safe," Sanjay Katkar, Joint Managing Director and Chief Technology Officer, Quick Heal Technologies Limited, said in a statement.

"It is also strongly advised to keep device OS and mobile security app up-to-date," he added.

In the background, the app carries out malicious tasks -- it keeps checking the installed app on the victim's device and particularly looks for 232 apps (banking and some cryptocurrency apps).

If any one of the targeted apps is found on the infected device, the app shows a fake notification on behalf of the targeted banking app. If the user clicks on the notification, they are shown a fake login screen which enables stealing the user's confidential info like net banking login ID and password.

"Install a reliable mobile security app that can detect and block fake and malicious apps before they can infect your device," Quick Heal said.