[jpshare]Specifically Target to infect Android Trojan entered into Google Play store which give more pain to Google Security team to find this malware “Android.BankBot.149.origin” .
According to the Dr.Web Once this Malware Reached to the Android Device , it force to user and grant the Admin privilege and also Delete the Icon in the Home Screen.
Bank Bot Malware Specifically Target Users belongs to UK, Austria, Germany, and Turkey ,especially Bank Customers.
Few Week Before Injected Banking malware discover in Google play store. it appeared like an ordinary application with embedded malware.
Avoid Detection by Google’s security scans:
Malware Authors improves the codes of the BankBot Malware which Avoid detection by Google Security Scans .
Based on the Sophisticated Malware codes act as a non-malicious Application when Scanner trying to Detect them.
Fraudulent authentication To Access:
According to the Dr.Web Security Researchers , “Information on found matches is sent to the C&C server. The Trojan receives a list of files to be monitored from execution.”
Android.BankBot.149.origin also tries to steal bank card information. According to Dr.Web, To do that, it tracks launch of the following programs
- WhatsApp (com.whatsapp);
- Play Store – com.android.vending;
- Messenger – com.facebook.orca;
- Facebook – com.facebook.katana;
- WeChat – com.tencent.mm;
- Youtube – com.google.android.youtube;
- Uber – com.ubercab;
- Viber – com.viber.voip;
- Snapchat – com.snapchat.android;
- Instagram – com.instagram.android;
- imo – com.imo.android.imoim;
- Twitter – com.twitter.android.