ESET warns of mobile banking malware

ESET researchers warn of the underestimated threat of fake banking apps, a type of mobile banking malware that impersonates legitimate finance applications to steal credentials for, or money from, its victims’ bank accounts. While technically far from advanced, fake banking apps have strategic advantages that makes them comparably effective to much more sophisticated types of malware with the same goals.

“Our analysis of the two types of banking malware – both of which have previously been discovered in the official Google Play store – has shown that the simple operation of fake banking apps comes with certain advantages that the feared banking Trojans don’t have,” explains Lukáš Štefanko, ESET malware researcher.

The main strength of the fake apps according to Štefanko is their direct impersonation of legitimate banking applications. If users fall for the impersonation and install a fake banking app, there is a high chance they will treat the login screen displayed by the app as legitimate and submit their credentials. And, contrary to banking Trojans, there are no intrusive permission requests to raise the users’ suspicion after installation. Besides this, sophisticated banking Trojans are more prone to detection due to their advanced techniques acting as triggers for various security measures.

“While banking Trojans have long been regarded as a serious threat to Android users, fake banking apps have sometimes been overlooked due to their limited capabilities. Despite not being technically advanced, we believe fake banking apps might be just as effective at emptying bank accounts as banking Trojans,” comments Štefanko.