Indian Banking And Financing Apps - WebIT MAN
Android Smartphone Cyber Security Featured Google

Android Malware Hits Hundreds of Indian Banking And Financing Apps Says Quick Heal

As per Reports Android Malware is said to have hit the android smartphone Indian Banking and Financing apps. It is believed thousands of people are to effected by the same, who use Indian Banking as well as financing apps for regular Online Transfers & Payments.

The Trojan malware, named ‘Android.banker.A9480’, is also designed to steal personal data from users, Quick Heal Security Labs reports. Similar to other banking malware, this one also sneaks into login data, SMS, contact lists as well as uploads them to a malicious server. Additionally, apart from the banking apps, this Trojan also targets cryptocurrency apps present on a user’s phone.

       If any one of the targeted apps is found on the infected device, the app shows a fake notification on behalf of the targeted banking app. If the user clicks on the notification, they are shown a fake login screen to steal the user’s confidential info like net banking login ID and password.

– said Bajrang Mane from Quick Heal.

Targeted banking apps in India

The following is a list of the apps of the banks in India that are targeted by this Android Banking Trojan:

  • axis.mobile (Axis Mobile)
  • snapwork.hdfc (HDFC Bank MobileBanking)
  • sbi.SBIFreedomPlus (SBI Anywhere Personal)
  • hdfcquickbank (HDFC Bank MobileBanking LITE)
  • csam.icici.bank.imobile (iMobile by ICICI Bank)
  • snapwork.IDBI (IDBI Bank GO Mobile+)
  • idbibank.abhay_card (Abhay by IDBI Bank Ltd)
  • com.idbi (IDBI Bank GO Mobile)
  • idbi.mpassbook (IDBI Bank mPassbook)
  • co.bankofbaroda.mpassbook (Baroda mPassbook)
  • unionbank.ecommerce.mobile.android (Union Bank Mobile Banking)
  • unionbank.ecommerce.mobile.commercial.legacy (Union Bank Commercial Clients )
Targeted cryptocurrency apps

Apart from banking apps, Android.banker.A2f8a also targets the following cryptocurrency apps.

  • bitfinex.bfxapp (Bitfinex)
  • veken0m.cavirtex (Bitcoinium)
  • brothas.mtgoxwidget (Bitcoin Ticker Widget)
  • master.cointransaction (Bitcoin/Altcoin chart, alarm, ticker)
  • leowandersleb.bitcoinsw (Flux Bitcoin Widget)
  • ozgur.btcprice (Bitcoin Price)
  • coinprices.allexchanges (Crypto Prices All-in-One)
  • blockchain.android (Blockchain – Bitcoin & Ether Wallet)
  • blockchain.merchant (Blockchain Merchant)
  • hyperwallet.wubsprepaid (WUBS Prepaid)
  • blocktrail.mywallet (BTC.com – Bitcoin Wallet)
  • claimyourbits.btcsafari (BTC SAFARI – Free Bitcoin)
  • handyapps.bitcoinpriceiq (Bitcoin Price IQ)
  • schildbach.wallet (Bitcoin Wallet)
  • blockfolio.blockfolio (Blockfolio Bitcoin / Altcoin App)
  • org.freewallet.app (Bitcoin Wallet by Freewallet)
  • bitcoin.crane.money (Bitcoin NewsCrane)
  • coinmarketapp.app (Bitcoin CoinMarketCap.com (unofficial) / Altcoin)
  • coinpayments.coinpaymentsapp (CoinPayments)
  • org.freewallet.app (Bitcoin Cash Wallet by Freewallet)
  • cenci7.coinmarketcapp (CoinMarketCapp – Blockchain Cryptocurrencies)
  • benzneststudios.cryptostory (CryptoStory – Cryptocurrency Portfolio)
  • langerhans.wallet (Dogecoin Wallet)
Also other targeted banking apps
  • sberbankmobile
  • sberbank.spasibo
  • sberbank_sbbol
  • sberbank.mobileoffice
  • sberbank.sberbankir (Sberbank IR)
  • alfabank.mobile.android
  • alfabank.oavdo.amc
  • st.alfa
  • alfabank.sense
  • alfadirect.app (Alfa-Direct)
  • mw (Visa QIWI Wallet)
  • raiffeisennews
  • idamob.tinkoff.android (Tinkoff)
  • tcsbank.c2c (Card 2 Card)
  • tinkoff.mgp (Tinkoff Play: apply for a card)
  • tinkoff.sme
  • tinkoff.goabroad (FSSP FNS Russia)
  • webmoney.my (WebMoney Keeper)
  • rosbank.android (ROSBANK Online)
  • vtb24.mobilebanking.android
  • bm.mbm
  • vtb.mobilebank (VTB Mobile)
  • bssys.VTBClient (Mobile Client VTB)
  • bssys.vtb.mobileclient (MobileClientVTB)
  • simpls.mbrd.ui
  • yandex.money
  • simpls.brs2.mobbank
  • akbank.android.apps.akbank_direkt (Akbank Direkt)
  • akbank.android.apps.akbank_direkt_tablet (Akbank Direkt Tablet)
  • akbank.softotp
  • fragment.akbank
  • ykb.android
  • ykb.android.mobilonay
  • ykb.avm
  • ykb.androidtablet
  • veripark.ykbaz
  • softtech.iscek
  • yurtdisi.iscep
  • softtech.isbankasi
  • monitise.isbankmoscow
  • finansbank.mobile.cepsube
  • enpara
  • magiclick.FinansPOS (FinansPOS)
  • matriksdata.finansyatirim (QNB Finansinvest)
  • enpara.sirketim
  • vipera.ts.starter.QNB (QNB Mobile)
  • redrockdigimark (QNB National Day)
  • garanti.cepsubesi (Garanti Mobile Banking)
  • garanti.cepbank
  • garantibank.cepsubesiro (GarantiBank)
  • matriksdata.finansyatirim (QNB Finansinvest)
  • mobinex.android.apps.cep_sifrematik
  • garantiyatirim.fx (Garanti FX Trader)
  • tmobtech.halkbank (Halkbank Mobil)
  • SifrebazCep
  • newfrontier.iBanking.mobile.Halk.Retail (Halkbank Mobile App)
  • com.tradesoft.tradingsystem.gtpmobile.halk (Halk Trade)
  • DijitalSahne.EnYakinHalkbank (Halkbank Nerede)
  • ziraat.ziraatmobil (Ziraat Mobil)
  • ziraat.ziraattablet (Ziraat Tablet)
  • matriksmobile.android.ziraatTrader (Ziraat Trader)
  • matriksdata.ziraatyatirim.pad (Ziraat Trader HD)
  • comdirect.android (comdirect mobile App)
  • commerzbanking.mobil (Commerzbank Banking App)
  • consorsbank (Consorsbank)
  • db.mm.deutschebank
  • dkb.portalapp (DKB-Banking)
  • de.dkb.portalapp
  • ing.diba.mbbr2 (ING-DiBa Banking + Brokerage)
  • postbank.finanzassistent (Postbank Finanzassistent)
  • santander.de (Santander MobileBanking)
  • fiducia.smartphone.android.banking.vr
  • creditagricole.androidapp
  • axa.monaxa
  • banquepopulaire.cyberplus
  • bnpparibas.mescomptes
  • boursorama.android.clients
  • caisseepargne.android.mobilebanking
  • lcl.android.customerarea
  • paypal.android.p2pmobile
  • wf.wellsfargomobile
  • wf.wellsfargomobile.tablet
  • wellsFargo.ceomobile
  • usbank.mobilebanking
  • usaa.mobile.android.usaa
  • suntrust.mobilebanking
  • moneybookers.skrillpayments.neteller
  • moneybookers.skrillpayments
  • clairmail.fth
  • konylabs.capitalone
  • yinzcam.facilities.verizon
  • chase.sig.android
  • infonow.bofa
  • bankofamerica.cashpromobile
  • co.bankofscotland.businessbank
  • grppl.android.shell.BOS
  • rbs.mobile.android.natwestoffshore
  • rbs.mobile.android.natwest
  • rbs.mobile.android.natwestbandc
  • rbs.mobile.investisir
  • phyder.engage
  • rbs.mobile.android.rbs
  • rbs.mobile.android.rbsbandc
  • co.santander.santanderUK
  • co.santander.businessUK.bb
  • sovereign.santander
  • ifs.banking.fiid4202
  • fi6122.godough
  • rbs.mobile.android.ubr
More targeted banking apps
  • htsu.hsbcpersonalbanking
  • grppl.android.shell.halifax
  • grppl.android.shell.CMBlloydsTSB73
  • barclays.android.barclaysmobilebanking
  • ing.mobile (ING Bankieren)
  • csob.smartbanking
  • sberbankcz (Smart Banking)
  • sporoapps.accounts
  • sporoapps.skener (Platby)
  • cleverlance.csas.servis24 (SERVIS 24 Mobilni banka)
  • westpac.bank,nz.co.westpac
  • com.suncorp.SuncorpBank (Suncorp Bank)
  • stgeorge.bank (St.George Mobile Banking)
  • banksa.bank (BankSA Mobile Banking)
  • com.newcastlepermanent (NPBS Mobile Banking)
  • com.nab.mobile (NAB Mobile Banking)
  • com.mebank.banking (ME Bank)
  • com.ingdirect.android (ING Australia Banking)
  • be (ING Smart Banking)
  • imb.banking2 (IMB.Banking)
  • fusion.ATMLocator (People’s Choice Credit Union)
  • com.cua.mb (CUA)
  • commbank.netbank (CommBank)
  • cba.android.netbank (CommBank app for tablet)
  • citibank.mobile.au (Citibank Australia)
  • citibank.mobile.uk (Citi Mobile UK)
  • citi.citimobile
  • bom.bank (Bank of Melbourne Mobile Banking)
  • bendigobank.mobile (Bendigo Bank)
  • doubledutch.hvdnz.cbnationalconference2016 (CB Conference 2017)
  • com.bankwest.mobile (Bankwest)
  • bankofqueensland.boq (BOQ Mobile)
  • anz.android.gomoney (ANZ goMoney Australia)
  • anz.android
  • anz.SingaporeDigitalBanking
  • anzspot.mobile
  • crowdcompass.appSQ0QACAcYJ (ANZ Investor Tour)
  • arubanetworks.atmanz (Atmosphere ANZ)
  • quickmobile.anzirevents15 (ANZ Investor Relations Events)
  • volksbank.volksbankmobile (Volksbank Banking)
  • fiducia.smartphone.android.banking.vr (VR-Banking)
  • volksbank.android
  • secservizi.mobile.atime.bpaa (Volksbank per tablet)
  • fiducia.smartphone.android.securego.vr (VR-SecureGo)
  • isis_papyrus.raiffeisen_pay_eyewdg (Raiffeisen ELBA)
  • easybank.mbanking (easybank)
  • easybank.tablet (easybank app)
  • easybank.securityapp (easybank Security App)
  • bawag.mbanking (BAWAG P.S.K.)
  • bawagpsk.securityapp (BAWAG P.S.K. Security App)
  • psa.app.bawag (BAWAG P.S.K. SmartPay)
  • pozitron.iscep
  • vakifbank.mobile
  • pozitron.vakifbank
  • starfinanz.smob.android.sfinanzstatus (Sparkasse Ihre mobile Filiale)
  • starfinanz.mobile.android.pushtan (S-pushTAN)
  • entersekt.authapp.sparkasse (S-ID-Check)
  • starfinanz.smob.android.sfinanzstatus.tablet
  • starfinanz.smob.android.sbanking (Sparkasse+ Finanzen im Griff)
  • palatine.android.mobilebanking.prod (ePalatine Particuliers)
  • laposte.lapostemobile (La Poste – Services Postaux)
  • laposte.lapostetablet (La Poste HD – Services Postaux)
  • cm_prod.bad
  • cm_prod.epasal (Epargne Salariale CM)
  • cm_prod_tablet.bad
  • cm_prod.nosactus
  • societegenerale.mobile.lappli
  • bbva.netcash (BBVA net cash)
  • bbva.bbvacontigo (BBVA | Spain)
  • bbva.bbvawallet (BBVA Wallet | Spain)
  • bancosantander.apps (Santander)
  • santander.app (Santander Brasil)
  • cm.android (Bankia)
  • cm.android.tablet (Bankia Tablet)
  • bankia.wallet (Bankia Wallet)
Other targeted apps
  • amazon.mShop.android.shopping (Amazon Shopping)
  • amazon.windowshop (Amazon for Tablets)
  • ebay.mobile (eBay: Buy & Sell. Explore Discount Shopping Deals)
  • airbnb.android (Airbnb)
  • scores365 (365Scores: Sports Scores Live)
  • pyrsoftware.pokerstars.net (PokerStars Poker: Texas Holdem)
  • pokerstars.cebo.psp (PokerStars Play: Free Texas Holdem Poker Game)
  • paster
  • pokerstars.eptguide (PokerStars Live)
  • pkrstrs191 (PKRSTRS Mobile 2Day App)
  • thunkable.android.avenue_mitm.Polonix
  • westernunion.android.mtapp (Western Union US – Send Money Transfers Quickly)

Tips to stay safe from Android Banking Trojans
  • Avoid downloading apps from third-party app stores as well as links provided in SMSs or emails.
  • Always keep ‘Unknown Sources’ disabled. Enabling this option allows installation of apps from unknown sources.
  • Most importantly, verify app permissions before installing any app even from official stores such as Google Play.
  • Install a reliable mobile security app that can detect and block fake and malicious apps before they can also infect your device.
  • Always keep your device OS as well as mobile security app up-to-date.

Android Malware Hits Hundreds of Indian Banking And Financing Apps Says Quick Heal

Source – Quick Heal

Related posts

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More