Light Dark
January 24, 2017 By Mark Samuels 2 min read

The security problems that have plagued Android devices in the past continue to dominate headlines. Now, security researchers from Russian antivirus specialist Dr. Web reported that cybercriminals had posted the source code for an Android Trojan and instructions on how to make the most of it on an underground hacking forum.

The researchers said the open availability of the code could lead to an increased risk of banking Trojan attacks. Android users, both businesses and individual consumers, should take appropriate security steps.

Banking Trojan Source Code Leaked

The miscreants, Dr. Web reported, published the malware’s source code about a month ago. Even more worryingly, the firm has already detected instances of this code in the wild.

Fraudsters modified the original source code and released a banking Trojan known as Android.BankBot. This Trojan is injected into Android application packages (APKs) and distributed through popular applications that are available online or via third-party app stores, The Hacker News reported.

Android.BankBot tracks the launch of banking applications, payment services and social media apps such as Facebook, Instagram and Twitter to steal the device owner’s personal information.

The Trojans Are Coming

The Trojan then uploads stolen data online and provides a way for cybercriminals to steal cash through a back-end application. Android.BankBot can also intercept and send text messages, and prevent users from accessing important messages from financial organizations.

But the distribution of the source code behind Android.BankBot is even more newsworthy than the potential loss of personal information and banking details. According to Dr. Web, Trojans are normally created by virus writers and sold online for significant amounts of cash — not posted for free. Researchers at the firm predicted that many similar Trojans will soon appear due to the availability of the source code.

Advice for Android Users

The Trojan relies on tricking users into granting administrator privileges. Users should be suspicious of applications asking for access to deep-lying functionalities and avoid providing undue privileges.

The Hacker News also advised IT leaders to turn off the ability to download APKs from third-party sources, educate users about the risk of opening attachments or clicking links from unknown sources and avoid unsecured Wi-Fi hotspots.

 |  |  |  |  |  |  | 
Mark Samuels
Tech Journalist

More from

November 15, 2024

Cybersecurity dominates concerns among the C-suite, small businesses and the nation

4 min read - Once relegated to the fringes of business operations, cybersecurity has evolved into a front-and-center concern for organizations worldwide. What was once considered a technical issue managed by IT departments has become a boardroom topic of utmost importance. With the rise of sophisticated cyberattacks, the growing use of generative AI by threat actors and massive data breach costs, it is no longer a question of whether cybersecurity matters but how deeply it affects every facet of modern operations.The 2024 Allianz Risk…

November 14, 2024

Autonomous security for cloud in AWS: Harnessing the power of AI for a secure future

3 min read - As the digital world evolves, businesses increasingly rely on cloud solutions to store data, run operations and manage applications. However, with this growth comes the challenge of ensuring that cloud environments remain secure and compliant with ever-changing regulations. This is where the idea of autonomous security for cloud (ASC) comes into play.Security and compliance aren't just technical buzzwords; they are crucial for businesses of all sizes. With data breaches and cyber threats on the rise, having systems that ensure your…

November 13, 2024

Adversarial advantage: Using nation-state threat analysis to strengthen U.S. cybersecurity

4 min read - Nation-state adversaries are changing their approach, pivoting from data destruction to prioritizing stealth and espionage. According to the Microsoft 2023 Digital Defense Report, "nation-state attackers are increasing their investments and launching more sophisticated cyberattacks to evade detection and achieve strategic priorities."These actors pose a critical threat to United States infrastructure and protected data, and compromising either resource could put citizens at risk.Thankfully, there's an upside to these malicious efforts: information. By analyzing nation-state tactics, government agencies and private enterprises are…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature