BankBot Trojan, Anubis Passwords And Payment Cards Details Stealer Active On Play Store


Article is written by

Syed masud kadri (MCM.MCP. MPHIL .IT) He is IT Trainer /Consultant And Editor of indianfreepress online news paper.

Aurangabad :The BankBot Trojan, Anubis has once again affected users of the Google Play Store. This occurred when users downloaded a battery power saving app, Battery Saver Mobi and currency converter app, Currency Converter. It affected users worldwide, with Japan impacted the most.

Anubis is a trojan that moves within a users device undetected, stealing data relating to the user Banking Details. It hides within apps and deploys onto a device after the user unknowingly permits it to do so.
What is a Trojan ?
Android/Trojan Agent is a malicious app that runs in the background of a mobile device not know to the user. … Often, it impersonates a system app on the mobile device making it especially difficult to identify.
What Banbot Trojan Anubis does ?
Anubis Banking Malware steal passwords and payment cards details from mobile device.

Anubis is what is known as a BankBot. These are designed to keep an eye out for the user entering their bank details and then copy the details for a hacker to use. Typically, BankBots achieve this by looking for banking apps installed on the phone. If it finds one, it prepares an overlay that looks identical to the app’s login page. When the user boots the app, the malware shows the overlay, which the user enters their details into.

Anubis is special because it doesn’t use an overlay. Instead, it directly reads the keystrokes the user makes on the on-screen keyboard. This is known as “keylogging”.

Anubis also has the capability to take screenshots of the app and send it to the hacker. This helps with any visual security steps that can’t be detected by the keylogger. It’s also effective for spying on what the user types on a software keyboard, as keys typically have a visual cue when they’re touched. This combination of attacks helps the hacker gather enough details to access the victim’s bank account.

How the attack began by Anubis ?

The attacks began due to people downloading official-looking apps that have been laced with malware-downloading code. The key here is that the apps in question had only been in the store for a few days and had very little in terms of user reviews and downloads.

In this age where even Google Play apps can be loaded with code that can download malware, it’s best to play it safe and not download any apps that have a low number of reviewers, and/or were released only very recently. Even official-looking apps have the capability of harbouring malicious code!

Computer and IT Expert Yogesh Bohare said Anubis is a particularly nasty example of Android malware, but it can be very easily dodged. Be careful of what you download, and don’t get apps that haven’t been around in the store for long, no matter how official it looks.

Leave a Reply

Your email address will not be published. Required fields are marked *