Researchers at security firm FireEye have uncovered a family of malicious apps which they say are looking to imitate some of the world’s leading banking apps in order to steal personal details from customers.
The so-called ‘SlemBunk’ family looks to imitate the legitimate apps of 33 financial management institutions and service providers across the globe, particularly in North America, Europe, and the Asia Pacific region.
So far, FireEye has detected over 170 different samples of the malware, with some of the apps still operational today, including 31 banks across the globe – some of which are among the biggest banks in the world – as well as users of two popular mobile payment service provider apps.
The apps detect when specific banking or other similar apps are launched, leaping into action to phish for and harvest authentication credentials by displaying a fake login interface when a specified app is running in the foreground.
FireEye also says that it has not detected any SlemBunk apps appearing on Google Play, meaning that users will only get infected if the malware is sideloaded or downloaded from a malicious website.
Some of the newer versions of SlemBunk were observed being distributed via porn websites, as users who visit these sites are incessantly prompted to download a malicious Adobe Flash update containing the malware to continue viewing.
“The rise and evolution of the SlemBunk trojan clearly indicates that mobile malware has become more sophisticated and targeted, and involves more organised efforts,” FireEye wrote in a blog post detailing the attacks.
“We have already seen crackdowns on malware campaigns targeting mobile banking users, but we do not expect this type of activity to go away anytime soon.”
What do you know about famous hackers? Take our quiz!
German foreign minister warns Russia will face consequences for “absolutely intolerable” cyberattack on ruling party,…
Google is reportedly laying off at least 200 staff from its “Core” organisation, including key…
Investor appeasement? Apple unveils huge $110 billion share buyback program, as sales of iPhone decline…
Tesla retreats from pioneering gigacasting manufacturing process, amid cost cutting and challenges at EV giant
No skynet please. After the US, UK and France pledge human only control of nuclear…
Microsoft's AI investments continue in south east Asia, after investments in Japan, Malaysia, Indonesia, as…