Banking Trojan targets Android phones
Anti-virus vendor ESET has discovered a banking Trojan that targets Facebook users, in an attempt to gain access to their online banking details.
The iBanking app lures unsuspecting users into installing a fake Facebook app, and then asks for a phone number in order to intercept messages, including authentications from banks.
According to Lee Bristow, security consultant at ESET Southern Africa, the "extremely invasive" bot allows hackers to listen to calls and intercept SMS messages.
"The message displayed is full of spelling mistakes and bad grammar, and this should be a warning sign to anyone thinking of continuing any further and entering their telephone number," says ESET in a statement.
Bristow says the threat was discovered while ESET was tracking Trojan Win32/Qadars - described by the Windows Malware Protection Centre as "a malicious program that is unable to spread of its own accord". The Win32/Qadars Trojan is able to perform whatever actions an attacker desires.
Beza Belayneh, CEO of the South African Centre for Information Security, says such Trojans show how users are constantly faced with "rapidly evolving and sophisticated cyber threats".
According to Belayneh, users with increased cyber security resilience will help rebuild trust in the Internet, which he says is being constantly eroded with the emergence of new hacking strategies.
ESET notes iBanking can be used in conjunction with any malware able to inject code into a Web page. "It could be reused by other, more mainstream banking Trojans in the future," adds Bristow.
Bristow notes the "Web inject configuration file and the iBanking Android application can be bought in underground forums".