New Android-Trojan steals password for banking apps and social networks

ESET is in the guard as always. According to the company, a new malicious program is lurking in the dark corners of the Internet. This Trojan targets systems running on Android.

 

The malicious app, that contains Trojan Android/Charger.B, was found in Google Play store. It was distributed under the title Flashlight LED Widget. However, nothing stops cyber criminal to distribute the Trojan under any other titles and appearances. Besides Google Play the app can find its way to your device through the web other app stores.

 

After the installation the app requests administrator’s rights and the approval to open windows above other apps (for example, it works the same way Facebook Messenger works). After that the app sends the details about the device including a photo of the owner made with a frontal camera.

 

The Trojan was designed to steal passwords for banking and social media apps, such as Facebook and Instagram. When a user starts the application, like Facebook or Instagram, the malicious app creates a fake window above it that looks like a native window requesting user’s login details. The login details, passwords, and details of your bank cards entered in such window will be sent to cyber criminals.

 

It is easy to find the app. However, deleting it can be tricky. For that you will need to restart you phone boot in a safe mode. Contact our London IT Support centre for help.