this post was submitted on 28 Feb 2024
75 points (87.9% liked)

Technology

59589 readers
3376 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

This article warns users about Android banking trojans, a type of malware that steals online banking credentials and drains accounts.

Key points:

  • Prevalence: These trojans are disguised as legitimate apps and pose a serious threat to Android users, with Malwarebytes detecting over 88,500 in 2023 alone.
  • Deception: They often masquerade as everyday apps like fitness trackers or QR readers or productivity or photography tools, making them difficult to identify.
  • Permissions Requests: Once installed, they request permissions like accessing photos or files, but use them to steal login details.
  • Sneaky Tactics: Some even hide their app icon on the home screen and download additional malware later, bypassing Google Play's security measures.
  • End Goal: Their ultimate aim is to steal your banking information and use it to make unauthorized money transfers.

The article emphasizes that vigilance is crucial, as these trojans are becoming increasingly sophisticated. It also references a recent Anatsa Trojan: https://www.techradar.com/pro/security/this-nasty-new-android-malware-can-easily-bypass-google-play-security-and-its-already-been-downloaded-thousands-of-times

you are viewing a single comment's thread
view the rest of the comments
[โ€“] Giooschi@lemmy.world 27 points 9 months ago* (last edited 9 months ago) (1 children)

Even after reading the key points it wasn't clear "how" they manage to do that. The article is not much more detailed, but at least mentions them exploiting android's accessibility services.

[โ€“] Squire1039@lemm.ee 11 points 9 months ago

I agree with you. The article give a good warning about downloading applications in general, but hand-wave how they escalated from "file/photo" access to capturing your data. The recent Anatsa malware's details seem to imply accessibility service. This is a Thread Fabric article about Anatsa malware: https://www.threatfabric.com/blogs/anatsa-trojan-returns-targeting-europe-and-expanding-its-reach