Online security experts have discovered a new Android malware that blocks outgoing calls to banks to keep customers from complaining about suspicious activity.
Symantec, an American technology company, found the Android.Fakebank.B malware app in October 2013. The app replaces banking apps on a user's device with fraudulent versions, which helps a hacker to track and access a victim's bank details and then conduct fraudulent transactions.
A new version of Android.Fakebank.B malware was released in March and has the capability of blocking calls to banks.
"Once installed, the new Android.Fakebank.B variants register a BroadcastReceiver component that gets triggered every time the user tries to make an outgoing call. If the dialed number belongs to any of the customer service call centers of the target banks, the malware programmatically cancels the call from being placed," says Symantec.
Experts at Symantec have found that the new malware version targets financial institutions in South Korea and Russia. Some of the customer care numbers that Android.Fakebank.B blocks are for KB Bank, KEB Hana Bank, NH Bank, Sberbank, SC Bank and Shinhan Bank.
Symantec reports that when a victim tries to call these banks via their registered mobile phone, then the malware diverts the call to an Interactive Voice Response (IVR) System and cancels the call. The malware is very dangerous as customers will find it difficult to report an unauthorized transaction or to cancel unsanctioned payments.
A customer can call a bank from another device, but this can still give hackers additional time to steal data from a compromised device.
Symantec recommends that Android phone users keep their software updated to keep their mobile devices protected from Android.Fakebank.B. The technology company suggests that mobile phone or tablet users should not download app via unfamiliar websites and always opt to install apps from trusted sources.
Symantec also recommends that customers should install a security app to protect their personal and financial data from the hands of hackers.
Google has started rolling out monthly security updates to Nexus devices and the same is being followed by many other device makers such as Samsung. A previous Tech Times report also highlighted that Samsung and Nexus devices are the safest Android smartphones to use.
Many mobile phone users have started conducting financial transactions from their handsets, which means that more hackers will try to target smartphones to steal data. Security experts suggest that even though a security update does not bring new features to the table, it is always good practice to download a security patch as soon as it is received.
Photo: Scott Akerman | Flickr