With people’s security consciousness skewed towards the personal computer, cybercriminals are now turning to Android malware for financial fraud. Last year, Anubis banking trojan made headlines after getting onto Android devices through infected downloads from the Google Play Store. The banking apps malware would request for permission to use the accessibility service of the victim’s Android device, from which it would steal banking apps login credentials, payment cards, and e-wallets. Anubis was enabled by a “dropper,” BianLian that can sneak into the Play Store and plant malicious apps.
BianLian, which means changing from one face to another almost simultaneously in Chinese ancient dramatic art, masqueraded as one of the most common applications always in demand, like device cleaners, discounter apps, and currency calculators. Forbes reported that BianLan’s applications were working perfectly and even had good rating in the Play Store in a plot to ensure that the banking apps malware remains on the victim’s Android device for as long as possible.
As at then, Threat Fabric researchers predicted that BianLian was about to become an Android malware for banking itself, while releasing Anubis, according to Forbes.
That prediction could be coming to reality. New and “improved” BianLian has turned into a sophisticated banking apps malware, with far more new techniques of stealing banking records. It records screens to steal credentials and renders “devices unusable” by locking users out to hide its activities.
BianLian begins attack once the victim grants it permission to use their device’s accessibility services. It uses a new screencast module to record financial windows as the victim type in usernames and passwords, account numbers and credit card details. The malware uses a clocked communication channel to reach the cybercriminals in the background.
Over 20 banks are currently targeted by BianLian, according to Fortinet’s list.
Mobile banking malware is currently on the rise, according to Kaspersky which reported that such attacked –banking credential-stealing apps – tripled in 2018 from 2017.
Google is not just waiting for victims to report losses. The tech giant is drawing sophisticated measures to help users in living beyond this challenge by tracking down apps with malicious activity. Google recently took down over 100 apps linked to an adware campaign from its Play Store, according to Latest Hacking News.
Can governments contribute in any way? In the search for Islam-related file, China is forcing tourists to install file-scanning Android Malware at the border in order to read all their messages.
This is a fight Google must live up to or allow another operating system to creep into the mobile market. By increasing its Play Store monitoring and ensuring that malicious apps do not get through its safeguards, Google could mitigate this growing threat that could ridicule its dominance in the future.
