Banking through your phone? Beware, new malware might be lurking on your key logger

Invisible Man hides within fake Flash downloader.

The spate of malware attacks recently should be enough to convince smartphone owners to be cautious of their activities on their devices, most especially if they involve users' hard-earned money and some private information. As of the latest, a new breed of malware known as 'Invisible Man' is running the key logger of some mobile banking apps on Android.

Kaspersky Labs researchers have discovered Invisible Man, a new variant of the nasty Sypend software intercepted in 2015. The new strain exploits Android's open gateway services to plant an undetectable cover atop legitimate banking apps installed on the device. This layer enables people behind the malware to record touchscreen key presses right on the app, stealing account details and password.

As a result, they will have access to a user's banking transactions. The biggest problem, however, is that they will have all the necessary details to siphon off cash through the banking app.

Invisible Man hides under a bogus Flash player downloaded as an APK from a shady website. Even if the device has just been updated with the latest security patches, it is important not to download and instal any Flash player for that matter.

According to The Register UK, the malicious software is prevalent in the UK and Germany; however, people from other parts of the world should take precautionary measures to avoid damages. As of this writing, Invisible Man has affected 14 banking apps in the UK, 10 in Germany, 9 in Australia, 9 in Turkey, 8 in France, 7 in Poland, and 6 in Singapore. Rewards app Speedway is also affected.

Roman Unuchek, a malware analyst at Kaspersky Lab, stressed that Invisible Man is capable of inflicting more damage than expected. He says, "Its malicious techniques work even on fully updated devices with the latest Android version and all security updates installed. By accessing only one system feature, this Trojan can gain all necessary additional rights and steal lots of data".

Apart from stealing banking details, the malware can instal itself as a default SMS app, allowing it to make calls, mine contacts and send and receive messages. Worst case is, it can block the owner from accessing the device.

Earlier this month, millions of iOS and Android devices have also been affected by the spy malware Broadpwn, which can remotely manipulate a device through Broadcom's Wi-Fi chip.

Related topics : Cybersecurity
READ MORE