Wary Indian banks operate under hackers' nose

android 8.1 developer preview
Android logo taken on August 16, 2011 JD Hancock/Flickr

Global IT security giant Quick Heal's Security Labs has announced that it has detected an Android Banking Trojan which could imitate net banking accounts and steal customer's loginID and password.

The Android Banking Trojan has already created imitated net banking versions of Indian Banks like SBI, HDFC, ICICI, IDBI and Axis along with several other mobile apps.

Researchers believe that the malware known as "Android.banker.A2f8a", which has been distributed through fake Flash Player app on third-party stores, is responsible for the net bank hacking. The hacking malware targets 232 banking and cryptocurrency apps. The malware looks for details of apps in a device just after infecting it.

It would send fake notifications in the name of banking apps asking for login credentials. The users' login ID and password get stolen once they enter their login details into these fake banking apps.

Sanjay Katkar, Joint Managing Director and Chief Technology Officer, Quick Heal Technologies Limited said, "Users are advised to avoid downloading apps from third-party app stores or links provided in SMSs and emails to keep their credentials safe...It is also strongly advised to keep device OS and mobile security app up-to-date."

Things to remember to secure your online banking accounts

Avoid downloading apps from third-party stores or from links sent via SMS/email.

Keep 'Unknown Sources' disabled on smartphones.

To disable 'Unknown Sources', go to Settings > Security > Unknown sources.

Always check app permissions before installing any app even from official app stores like Google Play Store or Apple App Store.

Install a reliable mobile security app.

Always keep the phone updated with the latest software updates.