Even though you might find yourself in a situation where you need to call your bank to cancel your compromised card, at least you can make that call. Unfortunately, newer versions of the Android.Fakebank.B malware family delay you from making that call in the first place, according to security vendor Symantec.
Fakebank, Android malware that was first detected in 2013, scans your phone and looks at whether you have bank apps installed. Once it finds those apps, the malware prompts you to delete the official versions and install malicious versions that steal your financial login information and payment data.
According to Symantec’s blog post, however, newer versions of Fakebank go one step further by monitoring outbound phone calls. Your first instinct when you realize your financial information was compromised is to call your bank’s customer service. These newer versions stop those calls, allowing people on the other end to continue stealing your data while you figure out alternative methods of contacting your bank.
Fortunately, the new Trojan does not prevent victims from sending emails or simply using another phone. Furthermore, it was detected in Russia and South Korea, with no mention of it spreading to other parts of the world.
Even if the Trojan is restricted to those regions for the time being, Android users can follow a few strategies in order to avoid getting their devices infected. For one, make sure your software is up to date, or, at the very least, restrict your app downloading to the Google Play Store. Secondly, back up your device’s data, a strategy that pays off when you are left with no alternative but to wipe your device in order to get rid of a Trojan. Finally, be mindful of the permissions downloaded apps may request, making sure to flag any suspicious requests.
