
A new Android banking Trojan named Red Alert 2.0 has come into action, which is capable of blocking and logging all incoming calls from banks.

Researchers from SfyLabs first discovered the Trojan on a Russian-speaking hacking forum, and it is being rented for $500 per month on many hacking forums.

When the user opens a targeted app on their device, the malware shows an HTML-based overlay on top of the opened app, saying that an error occurred and asking them to re-enter their login credentials. The malware collects the credentials and passes them to its C&C server. It is also capable of bypassing two-factor authentication by intercepting text messages that are sent and received from the device.

The latest feature added to Red Alert 2.0 is that it can automatically block incoming calls from banks and other financial institutions, especially calls from financial fraud departments warning customers about such malicious activity. Another interesting feature of Red Alert 2.0 is that it uses Twitter to avoid losing bots when its C&C server is offline, by retrieving a new C&C from a Twitter account.

Cengiz Han Sahin, CEO and founder of SfyLabs, said that it is one of the few Android banking Trojans written from scratch, unlike other Trojans that were made from the leaked source code of older Trojans.

The malware targets over 60 Android banking and social apps. All apps spreading Red Alert 2.0 have been seen in third-party app stores; it is yet to be seen in the Play Store. The malware is said to work on all devices running Android 6.0 and earlier.

To protect your smartphone from infection, follow the instructions below:

  1. Always switch off “Allow installation from unknown sources” in the security settings, which restricts downloading apps from third-party and anonymous sources.
  2. Don’t download attachments from unknown sources.
  3. Always use the Google Play Store to install apps; don’t use any third-party app stores.
  4. Download apps from verified developers, and check an app’s rating and download count before installing it.
  5. Verify an app’s permissions before installing it.
  6. Install the best, up-to-date antivirus/anti-malware software that can detect and block these types of malware.
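
For step 5, a permission review can be scripted once an app's `AndroidManifest.xml` has been decoded to text XML (for example with apktool). The following is an added example, not code from the article or from SfyLabs: the mapping from the behaviours described above (SMS interception, call handling, overlays) to Android permissions is an assumption of this example, and both manifests are constructed samples.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Assumed mapping (not from the article or SfyLabs): behaviour -> permissions
# an app would typically need to request for it.
CAPABILITIES = {
    "sms": {"RECEIVE_SMS", "READ_SMS"},                       # reading 2FA texts
    "calls": {"READ_PHONE_STATE", "CALL_PHONE", "READ_CALL_LOG",
              "WRITE_CALL_LOG", "PROCESS_OUTGOING_CALLS"},    # call handling
    "overlay": {"SYSTEM_ALERT_WINDOW", "PACKAGE_USAGE_STATS",
                "GET_TASKS"},                                 # drawing over apps
}

# Constructed sample manifests, not taken from any real app.
SAMPLE_SUSPICIOUS = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.constructed.player">
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.READ_PHONE_STATE"/>
  <uses-permission android:name="android.permission.SYSTEM_ALERT_WINDOW"/>
</manifest>"""
SAMPLE_BENIGN = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.constructed.scanner">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.CAMERA"/>
</manifest>"""

def requested_permissions(manifest_xml):
    """Return short names of android.permission.* entries in the manifest."""
    root = ET.fromstring(manifest_xml.strip())
    perms = set()
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        for node in root.iter(tag):
            name = node.get(ANDROID_NS + "name", "")
            if name.startswith("android.permission."):
                perms.add(name.rsplit(".", 1)[1])
    return perms

def audit(manifest_xml):
    """Group sensitive permissions by capability; flag combinations."""
    perms = requested_permissions(manifest_xml)
    hits = {cap: sorted(perms & need)
            for cap, need in CAPABILITIES.items() if perms & need}
    # One capability alone is common in legitimate apps; flag two or more.
    return {"capabilities": hits, "review": len(hits) >= 2}

if __name__ == "__main__":
    print(audit(SAMPLE_SUSPICIOUS), audit(SAMPLE_BENIGN))
```

A `review` result of `True` is a prompt to check whether the app's stated purpose explains the permissions, not a malware verdict.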