azorius.net

[Malwarebytes Blog] Android banking trojans: How they steal passwords and drain bank accounts (www.malwarebytes.com)
from Squire1039@lemm.ee to technology@lemmy.world on 28 Feb 2024 07:08
https://lemm.ee/post/25138461

This article warns users about Android banking trojans, a type of malware that steals online banking credentials and drains accounts.

Key points:

Prevalence: These trojans are disguised as legitimate apps and pose a serious threat to Android users, with Malwarebytes detecting over 88,500 in 2023 alone.
Deception: They often masquerade as everyday apps like fitness trackers or QR readers or productivity or photography tools, making them difficult to identify.
Permissions Requests: Once installed, they request permissions like accessing photos or files, but use them to steal login details.
Sneaky Tactics: Some even hide their app icon on the home screen and download additional malware later, bypassing Google Play’s security measures.
End Goal: Their ultimate aim is to steal your banking information and use it to make unauthorized money transfers.

The article emphasizes that vigilance is crucial, as these trojans are becoming increasingly sophisticated. It also references a recent Anatsa Trojan: techradar.com/…/this-nasty-new-android-malware-ca…

#technology

threaded - newest

Giooschi@lemmy.world on 28 Feb 2024 07:17 next collapse

Even after reading the key points it wasn’t clear “how” they manage to do that. The article is not much more detailed, but at least mentions them exploiting android’s accessibility services.

Squire1039@lemm.ee on 28 Feb 2024 07:43 collapse

I agree with you. The article give a good warning about downloading applications in general, but hand-wave how they escalated from “file/photo” access to capturing your data. The recent Anatsa malware’s details seem to imply accessibility service. This is a Thread Fabric article about Anatsa malware: threatfabric.com/…/anatsa-trojan-returns-targetin…

gofsckyourself@lemmy.world on 28 Feb 2024 08:33 next collapse

This seems more like an ad for Malwarebytes’ premium service than an informational post.

Omgboom@lemmy.zip on 29 Feb 2024 20:21 collapse

Fuck malwarebytes forever. I’ll never forgive them for not honoring my perpetual licenses that I purchased before they became subscription based all those years ago. I told them I was going to talk shit about them until the day I died, and I will keep that promise. I actually had to install malwarebytes the other day to try and fix a computer, malwarebytes itself is treading a fine line of being malware. It continually tells you you need to purchase a subscription, the app tries to get you to purchase a VPN through them, it gives random popups, I had no idea their service had gotten so bad.

gofsckyourself@lemmy.world on 29 Feb 2024 23:39 collapse

Yeah, I have not used Malwarebytes in years because it was obvious the quality has significantly declined.

LainTrain@lemmy.dbzer0.com on 28 Feb 2024 11:26 next collapse

But I thought the data storage even if not encrypted (which afaik is standard as well) is now isolated for each app? And surely accessibility permissions are a separate category you have to grant also?

Squire1039@lemm.ee on 28 Feb 2024 11:36 collapse

Yeah, the app data are separated and inaccessible, unless specified by the developer. Accessibility service is a separate permission, and should almost never be asked or granted, where as file/photo accesses are more common.

mindlight@lemm.ee on 29 Feb 2024 07:42 collapse

Wait what… Who can login to the internet bank with just a user/password?

We’ve had MFA requirement here in Sweden since the early 00’s…

doppelgangmember@lemmy.world on 29 Feb 2024 20:00 collapse

mean while 23andme gaslighting customers

👀