[ad_1]
mBank reports on his pages a new malicious application that attacks Android smartphone users. The application claims to update the system
Ignore the message
Instead of updating the system, it takes control of the victim device. It makes the attempt to launch the application for the e-bank stop displaying a specially prepared overlay. It simulates the appearance of the genuine application and supports connection data.
Superposition of Faszysz claiming to be an application mBank Fig. mBank
The information goes to criminals and they use it to log on to the victim's account. In the final stage of the attack, the attacker receives a request to enter the authorization code sent by means of an SMS message. It opens the way for criminals to change the data of a trusted recipient. And this usually leads to the total deletion of the account.
The application can hide
This time, as the experts explain mBank, cybercriminals have tried to erase. The malicious application is able to force the system to restore the factory settings. This can make it difficult to track law enforcement agencies and find out more about the details of the attack.
Customers from other banks are also at risk
Previous experiences allow us to believe that a malicious application will also attack customers of other banks. Cyber criminals have fake copies of most Polish financial institutions.
Scum of arsenals of malicious applications
Criminals have other dangerous applications in their arsenal that can cause even more harm than overlaying. The fact that the download of applications from unauthorized sources can be the cause of big losses has been learned by one of Niebezpiecznik's readers. He discovered on the phone of one of his clients a malicious application that turned out to be a Trojan.
This Trojan has extracted data from the application mBank, sent a transfer, read a confirmation SMS and deleted an SMS it did not come at all, so he has it taken and the cell did not report that the SMS arrived). […] That's how he disappeared 10k
– explains the victim. Therefore, it is best to deal with security issues seriously.
How to avoid the infection?
The latest application, like many others, is distributed through unauthorized application stores, text messages or e – mail. A few days ago, we wrote that the criminals were trying to force the victims to update the LTE driver. And in this case, it really meant taking control of the device.
To read also: What differentiates ransomaware from malware? Learn more about differences and be safe
In addition to avoiding suspicious applications, you should also read all text messages from the bank. Users usually focus on rewriting the code itself. In the meantime, the message has a warning that when authorizing the transaction, we modify the trusted recipient's data.
***
[ad_2]
Source link
