Banking Malware at the Next Level with Fanta SDK

The ultimate deception for the 72% of users who do mobile banking

Hackers targeting the Android platform have created new and elaborate tricks to gain access to a vulnerable smartphone. By controlling a device remotely and operating as the user, a hacker can change the phone's password. The hacker then locks the device, keeping the victim frantic and busy while the hacker siphons off crucial banking and financial information.

This malware began to hit the security radar around Christmas 2015, when many consumers were doing holiday shopping. Online shops and brick-and-mortar retailers see traffic pick up right after the Thanksgiving celebrations, with Black Friday sales and promotional offers throughout December. The holiday season is the perfect time for a hacker because many patrons are dipping into their bank accounts and wallets for the perfect gift. In fact, in a survey conducted by the Trustlook Research Team, 72% of Trustlook users said that they have done mobile banking. Hackers were able to access a small number of devices, generally going undetected and without alerting clients to the security breach.

Trustlook recently discovered this dangerous form of malware, named Fanta SDK, while doing precautionary trials on malware. A user will typically receive an email that appears to come from a bank, indicating that the bank has a new update to its mobile application or that the user needs to sign into their mobile account to verify personal information. Enclosed with the email is a fake link to the mobile app that actually aids the hacker in the malware deception. A consumer will typically click on the link to download or open the application. This fake app then creates a door that the hacker can walk right through into the user’s personal data and information.

If the user notices something fishy or attempts to uninstall the app, the application will reset the device with a random password or PIN. This ensures that the hacker has ample time to retrieve the information they want while the user is left out in the cold, powerless to do anything. Oftentimes, this breach goes unnoticed and the hacker drains the victim’s accounts before a formal complaint can even be filed.

What do our Trustlook Researchers advise for the best protection? Don’t download third-party apps, even when they seem secure or appear to come from reputable sources. Reset passwords if you become aware of a breach to keep yourself protected. Lastly, run the Trustlook app as often as possible to ensure the highest level of security at all times.
