Android HijackRAT poised to hit mobile banking users

  • 2 July 2014
  • 1 reply
  • 2 views

Userlevel 7
Author/ Zeljka Zorz/ HNS Managing Editor Posted on 02.07.2014
 
A highly versatile piece of Android malware has been unearthed by FireEye researchers.

Posing as "Google Service Framework", the malicious app is capable of stealing phone and user information, banking credentials, and gives the malware peddler remote access to the device. And, in addition to all this, it's also able to kill a range of AV apps.

http://www.net-security.org/images/articles/android-malware2.jpg
Currently, this "framework to conduct bank hijacking" is targeting only customers of eight South Korean banks, but the malicious developer could easily target more in the future, and not just in South Korea.
 
Help Net Security/ Full Read Here/ http://www.net-security.org/malware_news.php?id=2800
 
 

1 reply

Userlevel 7
Badge +62
New Android Malware 'HijackRAT' Attacks Mobile Banking Users
Wednesday, July 02, 2014 Mohit Kumar
 
Cybercriminals have rolled out a new malicious Android application that wraps different varieties of banking fraud trick into a single piece of advanced mobile malwareGOOGLE SERVICE FRAMEWORK - APPLICATION OR MALWARE?   Security researchers at the security firm FireEye have came across a malicious Android application that binds together the latest and older hijacking techniques. The malicious Android app combines private data theft, banking credential theft and spoofing, and remote access into a single unit, where traditional malware has had only one such capability included in it. Researchers dubbed the malware as HijackRAT, a banking trojan that comes loaded with a malicious Android application which disguises itself as “Google Service Framework,” first and the most advanced Android malware sample of its kind ever discovered, combining all the three malicious activities together.  

Reply