Most of Australia’s major banks are being targeted by some potentially catastrophic malware on customers’ Android smartphones.
This is another in a long list of recent attacks on the Android operating system
Android/Spy.Agent.SI, as it’s been named, locks users’ phones when they open a banking app, redirecting them to a phishing server masquerading as the bank’s official site.
Android/Spy.Agent.SI is targeting major banks in Australia. Westpac, Bendigo Bank, Commonwealth Bank, St. George Bank, National Australia Bank, Bankwest, Me Bank and ANZ Bank are all listed as under threat.
The malware is distributed through infected apps, such as an update to Adobe Flash Player ( which is fake )which then ask for device administrator rights and are allowed access by unsuspecting users into nearly every corner of the Android operating system.
From there, Android/Spy.Agent.SI can monitor a device’s phone number, text messages and IMEI data, and can act as a middleman to any banking apps already installed on the phone.
When a banking app is launched, the malware locks any back or home buttons, preventing users from exiting the app until login details are entered — into the fake sign-in screen overlaid on top of the legitimate app itself.
Any two-factor authentication systems are dealt with through the malware’s access to Android text messages, and those authentication messages are deleted once access is surreptitiously granted.
So How Do You Stop Being Infected In The First Place
- Only download apps from the Google Play Store and keep your device updated and if your Android phone is 3 – 4 years old seriously look at a new one that will get the security upgrades
- Turn off allow installation of apps from sources other than the Play Store
If You Get Infected With The Banking Malware What Can You Do
The advise from some security experts is If infected you can remove this Flash Player from Applications ( ignore any warnings ) and best to do it in safe mode , however I think we can expect it to appear in other forms
My advice would be the “scorched earth policy” – wipe your phone and start again
Should iPhone Users Be Concerned?
Only affects Android users not iPhone users