Android banking malware uses overlay screen to steal credentials.
For most people and most companies protecting your computers, networks and servers against malware is just part of doing business; it is a necessity.
Not everyone thinks the same way about their mobile devices, particularly Android smart devices like tablets and smartphones, which have seen a massive increase in malware over the past few years.
This could end up being a massive problem for you or your company, especially considering the large amount of data stored on an average phone and sensitive nature of some of the apps that might be installed; like banking apps for example.
Mark James, ESET IT Security Specialist, describes one particular Android malware, called MysteryBot, which specifically targets banking apps by abusing permissions.
“This particular strain of Android malware appears to have successfully managed to show “overlay screens” on Android 7 & 8.
“This could be used to either show fake logon screens over legitimate apps or trick the user into granting permissions by masquerading screen presses as other functions.
“For most of these functions to happen the app itself needs to be granted access to the Accessibility service, a service mostly used by malware.
“Limiting the installation of side-loading apps from outside the Play Store will limit your attack footprint and will in most cases lower your chances of being infected.
“Of course making sure your device has a good multi-layered security product installed, is up-to-date, fully patched and always where possible read as many reviews as possible for any apps you install, this can all help to keep you safe.”
Do you use security apps on your Android devices? Let us know on Twitter @ESETUK.
Did you know ESET provides Endpoint Security for Android? Which can be centrally managed alongside our other software using ESER Remote Administrator.