CBA, NAB, ANZ, Westpac banking apps targeted by Android malware
Customers of four of the largest banks in Australia using Android devices could be at risk of a malware virus that steals account details and prevents two-factor authentication security functionality.
Millions of customers using applications from Commonwealth Bank, Westpac, National Australia Bank and ANZ Bank are all at risk of the malware, known as Android/Spy.Agent.SI.
Research revealed by ESET, a digital protection company, indicates the malware is able to steal login details by overlaying a forged login screen on infected Android devices once users try to launch the banking apps. It then captures the usernames and passwords being input.
This allows hackers to use the credentials and log into any account of the aforementioned banks.
Unfortunately the malware also has a self-defence mechanism that prevents users from un-installing the banking app from the infected device. According to a report in Business Insider, the malware can even hack text messages and intercept the two-step authentication text messages that banks generally send to confirm the identity of users who are logging in.
With this unique code, thieves can log in to an account easily and transfer money.
The malware even deletes all details of the attempted login from the device.
“This is a significant attack on the banking sector in Australia and New Zealand, and shouldn’t be taken lightly,” Nick FitzGerald, senior research fellow at ESET, said, as reported by The Sydney Morning Herald.
According to ESET, the malware is the brain child of sophisticated hackers and developed over a long period of time.
The malware gets an entry into any Android device by imitating the Adobe Flash Player application.
Android devices infected with the malware will display 'Flash Player' in the list of device administrators. You can go to the Settings > Security > Device Administrators menu to check.
If users attempt to remove ‘Flash Player’ from the list, an alert warning will pop up saying that data may be lost, but it is safe to press 'OK'. Once the device administrator rights are disabled, the malware can be uninstalled. Head to Settings > Apps/Application manager > Flash Player > Uninstall.
The Android malware will reportedly try to target other financial institutions including Bendigo Bank, St. George Bank, Bankwest, ME Bank, ASB Bank, Bank of New Zealand, Kiwibank and Wells Fargo among many more.