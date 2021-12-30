A banking Trojan for Android, potentially very dangerous, is running on the net. This was reported by the Cyble researchers

Nth fraudulent campaign reported by cybersecurity researchers of Cyble. This time the alarm went off Android, where a new one was identified banking trojan potentially dangerous for the victims. Apparently, there is a fake web page that remembers the Google Play Store in all respects.

Through a mobile banking app called Itau Unibanco, the scam is triggered. It has not yet been understood exactly how users are redirected to the page in question, but a possible phishing campaign. Once you have pressed the download button to download the app in question, a Malicious APK.

Home banking app with trojans, the risks for users

To start the scam in full, users must first download the package with the APK and then run it. At this point the actual mechanism is activated. The trojan proceeds with the download of the real home banking application, and uses it for delete accounts of the victims. For this type of operation, no special authorizations are required. Missing ones are also compensated for through the accessibility service, capable of providing the trojan with everything it needs to bypass Android’s security protections.

After some reports, now the web page that emulated the Play Store has been removed from the network. To avoid running into scams of this type, in general, the advice is to never download content from unofficial sources. It is always good to pay attention to the various alarm bells, such as spelling errors or “strange” addresses.