After last year’s rain of smartphone virus and malware, IT security firm Quick Heal’s Security Labs has spotted a new Trojan on Android phones. This time, the Trojan virus is aimed at stealing your banking data and cryptocurrency credentials.
This new-found Trojan for Android smartphones is disguised as a flash player application, being called ‘Android.banker.A2f8a’. While it is not directly available in Play Store, the app is open for download on third-party stores which makes it dangerous. Once installed, it can steal your banking credentials and cause heavy damages on your pocket.
Android.banker.A2f8a: The latest Android Trojan
Discovered by Quick Heal’s Security Labs, the virus may have already spread to a certain extent. This trojan virus comes as a Flash Player application for your Android smartphone. If you download it, it will start scanning your phone for vulnerable apps.
This virus is capable of imitating 232 Android banking apps including the ones from SBI, ICICI, Axis Bank, IDBI, and other major providers. Upon finding one of these apps, the malware sends you false notifications requesting you to log into your ID. As soon as you login, it will steal your Banking ID as well as the password.
While banking apps are the primary targets, Cryptocurrency apps are also vulnerable to this malware. However, on the positive side, the virus is not directly available on the Play Store. So, if you’re downloading apps from anywhere else other than the Google Play Store, there are chances of this malware entering your Android device.
How to safeguard your phone
Since banking and cryptocurrency credential leak can do utmost damage to your pocket, it is important to keep your phone safe. We recommend you do not download any applications from the links received over SMS or email. Download all the apps from Google Play Store only.
Sanjay Katkar, Joint Managing Director and Chief Technology Officer, Quick Heal Technologies Limited, said “Users are advised to avoid downloading apps from third party app stores or links provided in SMSs and emails to keep their credentials safe. It is also strongly advised to keep device OS and mobile security app up-to-date.”