Phony Android Flash Player Installs Banking Malware

[RV_]

Excerpt:

 

"Security researchers warn that a bogus Flash Player app aimed at Android mobile devices has surfaced and is luring victims to download and install banking malware that steals credit card information and can defeat two-factor identification schemes.

 

Wells Fargo, Discovery Financial and Chase customers, along with services such as Skype, Snapchat and Facebook are targeted in these attacks. Fortinet researchers said Tuesday the phony Flash Player was spotted Oct. 21. While it is not available via the Google Play app store, it’s unclear how it’s being distributed.

 

“This banking malware can steal login credentials from 94 different mobile banking apps. Due to its ability to intercept SMS communications, the malware is also able to bypass SMS-based two-factor authentication,” said security analyst Kai Lu at Fortinet.

 

According to Fortinet, the malware is spreading in the United States, Germany, France, Australia, Turkey, Poland and Austria. If installed, it creates an icon on the Android device’s application launcher screen. According to Lu, when a user launches the bogus Flash Player, “the user is tricked into granting device administrator rights to the app through a fake Google Play Service” (below). Attackers are able to con users into activating the malware via a bogus Google Play Service screen that is actually a screen overlay."

 

Related links and more in the full article including screen shots here: https://threatpost.com/phony-android-flash-player-installs-banking-malware/121696/

 

[Newt]

Must be why I got the Email from Chase this AM.

 

Newt

[RV_]

Newt,

I take it you don't bank with Chase? Yeah, every time they social engineer one they don't get me, USAA isn't a major bank in some POVs. I've gotten some of them, never for my bank. If they did, and it looked legit, I'd call my bank to let them know they are being misrepresented.