Australian and New Zealand Banks Become Targets
Australian and New Zealand Banks are the targets of a new Malware that attacks mobile online banking users. Cyber security researchers became aware of the malware that robs login details from users that make use of mobile Android banking applications from the most prominent New Zealand and Australian banks. Two-factor authentications are the SMS with a one-time password that banks send to their clients to make sure that the transaction is authentic.
The targets are people who make use of smartphones or any other pieces of equipment that run the Android mobile operating system. The worst part is that it obstructs the functionality and effectiveness of the two-factor authentication making banking online extremely precarious.
According to cyber security researchers, this malware imitates and presents itself as the Adobe Flash Player application and seize the two-factor communication via SMS that is currently the only authentication used by banks as a security measure to their clients.
It is most likely that users will encounter this application from unendorsed resources where the malware will be downloaded and installed by the users themselves. So how is this possible you may think!
Easy! This malicious malware request administrator rights before a long list of applications is sent to the Android device from a remote server. It is then that the defenseless mobile banking application is covered with a screen that requests the person to enter sensitive login details. The moment these details are provided it is forwarded to the server where the thugs obtain them and clear the account without any disturbance. Even login details from Google are not secure. The problem here is that the malware termed as Android/Spy/Agent.SI, does not allow the user to continue without providing the correct details.
At the moment, the known banks targeted by this malware as determined by cyber security researchers are: Bendigo Bank, Commonwealth Bank, Westpac, National Australia Bank, ME Bank, St Georges Bank, ANZ Bank, and Bankwest. The New Zealand banks that are in their target are Bank of New Zealand and ASB Bank. It is also reported that some Turkish banks are also in their focus.
There are two methods to get rid of the malware. Number one is to disable all administrator rights before uninstalling the counterfeit Adobe Flash Player. The second one is to boot in Safe Mode and stop all third party applications from loading up or performing and then perform the uninstall process of the simulated Flash Player.
Most importantly, it is important to remember that although it is extremely comfortable and useful to make use of a hand-held device to do online banking, it is way more secure to use a PC or laptop where BankVault can provide peace of mind with a simple device that stops your bank account from being hacked.