Beware: This Android Malware Can Steal Your Banking OTP

Advertisement
By Sumit Chakraborty | Updated: 5 January 2018 13:31 IST
Highlights
  • Malware is known as Android.banker.A9480
  • Android banking trojan steals login ID, password, SMS, contact lists
  • Not only banking apps, but cryptocurrency apps affected too

An Android malware is reportedly targeting over 232 banking apps including a few banks in India. The Trojan malware, named 'Android.banker.A9480', is designed to steal personal data from users, Quick Heal Security Labs reports. Similar to other banking malware, this one also sneaks into login data, SMS, contact lists and uploads them to a malicious server. Additionally, apart from the banking apps, this Trojan also targets cryptocurrency apps present on a user's phone.

Quick Heal lists the Indian banking apps that are targeted by the Android banking Trojan malware: Axis mobile, HDFC Bank MobileBanking, SBI Anywhere Personal, HDFC Bank MobileBanking LITE, iMobile by ICICI Bank, IDBI Bank GO Mobile+, Abhay by IDBI Bank Ltd, IDBI Bank GO Mobile, IDBI Bank mPassbook, Baroda mPassbook, Union Bank Mobile Banking, and Union Bank Commercial Clients.

Advertisement

ICICI Bank Says Mobile App Malware Not a Threat to Customers

Android.banker.A9480 malware gets circulated via a fake Flash Player app on third-party stores, Quick Heal said. The Flash Player app is a popular target for cybercriminals due to its prevalence. Once users download the malicious application, they get several prompts to activate administrative rights. The app sends numerous pop-ups to victims until the administrative privileges are activated, the report added.

Advertisement

Once the app is installed on a smartphone, the icon gets hidden when the user taps on it. The malicious app keeps working in the background while checking for one of the 232 banking apps. Further, if the app finds one of the targeted apps, it sends a fake notification that resembles the banking app. When users open the notification, they get a fake login window that is then used by the attackers to extract confidential data like login ID and password.

As per the blog posted by Quick Heal, the malware can process commands like sending and collecting SMS, upload contact list and location, display fake notification, accessibility and GPS permission, and more. Since the malware can intercept incoming and outgoing SMS from an infected smartphone, it is also able to bypass the OTP based two-factor authentication on the user's bank account.

 
Post your comments

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Further reading: Android, Malware Attack, Malware, Android App Malware, Banking, Banking apps, Trojan
LG to Rebrand Its G Series Flagship Smartphones in 2018: Report
Google Said to Explore Sale of Restaurant Review Guide Zagat
Advertisement

Related Stories

Google Reportedly Working on AirDrop-Like Tap to Share Feature Discovered in One UI 9, Android 17 Builds
30 March 2026
How to Transfer WhatsApp Chats From iOS to Android: A Step-by-Step Guide
27 March 2026
Android 17 Beta 3 Hints at New Priority Charging Feature, OEM-Exclusive Camera Features in Third-Party Apps: Report
27 March 2026
Samsung Galaxy S26 Series Gets AirDrop Support via Quick Share in South Korea Ahead of Global Expansion
23 March 2026
How to Bypass Android's 24-Hour Delay and Install Third-Party Apps on Your Phone
22 March 2026
Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. Lava Bold N2 Pro With 50-Megapixel Rear Camera Debuts in India: See Price
  2. Vivo X300 Ultra, Vivo X300s Launched With Zeiss-Tuned Cameras and Teleconverter Support
  3. Google Pixel 11 Design, Key Specifications and Launch Timeline Leaked
  4. Here's Everything Apple Has Introduced With the iOS 26.5 Beta 1 Update
  5. Leaked Screen Protector Points to the Fate of Apple's Dynamic Island
  6. Vivo Pad 6 Pro Launched With 13-2-Inch 4K Display and This Snapdragon Chip
  7. Oppo Reveals Find X9 Ultra Global Launch Date, Teases Find X9s Pro Cameras
#Latest Stories
  1. Oppo Find X9 Ultra Global Launch Date Confirmed, Find X9s Pro Camera Details Teased Ahead of China Debut
  2. iOS 26.5 Beta 1 Rolls Out With Ads in Apple Maps, RCS Message Encryption Toggle
  3. Lava Bold N2 Pro Launched in India With 5,000mAh Battery, 50-Megapixel Rear Camera: Price, Specifications
  4. Google Pixel 11 Spotted in Leaked CAD Renders That Suggest It Will Arrive With Subtle Design Changes
  5. Apple's iPhone 18 Pro Could Feature Smaller Dynamic Island Instead of Hole Punch Cutout, Leaked Screen Protector Suggests
  6. Vivo Pad 6 Pro Launched With 13.2-Inch 4K Display, Snapdragon 8 Elite Gen 5 Chip: Price, Specifications
  7. Vivo X300 Ultra With Snapdragon 8 Elite Gen 5 SoC Launched Alongside Vivo X300s: Price, Features
  8. Vi 5G Rollout: Telco Says It Will Expand 5G Coverage in 90 Cities Within Two Months
  9. Google Reportedly Working on AirDrop-Like Tap to Share Feature Discovered in One UI 9, Android 17 Builds
  10. OnePlus Ace 6 Ultra Tipped to Launch in April, Could Rival Redmi K90 Ultra
Gadgets 360 is available in
Follow Us
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.