Article is written by
Syed masud kadri (MCM.MCP. MPHIL .IT) He is IT Trainer /Consultant And Editor of indianfreepress online news paper.
Aurangabad :The BankBot Trojan, Anubis has once again affected users of the Google Play Store. This occurred when users downloaded a battery power saving app, Battery Saver Mobi and currency converter app, Currency Converter. It affected users worldwide, with Japan impacted the most.
Anubis is what is known as a BankBot. These are designed to keep an eye out for the user entering their bank details and then copy the details for a hacker to use. Typically, BankBots achieve this by looking for banking apps installed on the phone. If it finds one, it prepares an overlay that looks identical to the app’s login page. When the user boots the app, the malware shows the overlay, which the user enters their details into.
Anubis is special because it doesn’t use an overlay. Instead, it directly reads the keystrokes the user makes on the on-screen keyboard. This is known as “keylogging”.
Anubis also has the capability to take screenshots of the app and send it to the hacker. This helps with any visual security steps that can’t be detected by the keylogger. It’s also effective for spying on what the user types on a software keyboard, as keys typically have a visual cue when they’re touched. This combination of attacks helps the hacker gather enough details to access the victim’s bank account.
How the attack began by Anubis ?
In this age where even Google Play apps can be loaded with code that can download malware, it’s best to play it safe and not download any apps that have a low number of reviewers, and/or were released only very recently. Even official-looking apps have the capability of harbouring malicious code!
Computer and IT Expert Yogesh Bohare said Anubis is a particularly nasty example of Android malware, but it can be very easily dodged. Be careful of what you download, and don’t get apps that haven’t been around in the store for long, no matter how official it looks.