A new banking Trojan targeting android devices called Red Alert 2.0. It has been started hitting android powered smartphones and tablets.
Researchers at Sify Labs discovered the malicious attack and has started to appear in third-party app stores that offer an unregulated marketplace for people to download apps beyond the offerings in Google’s official app store.
Here How it Works –
- Once the user downloads these malicious apps into their devices and open it , a popup will display user to enter their login credentials. But it informs the user that there is an error while logging in and it requests user to re – authenticate their account.
- When the user re-enters their username and password on the touch screen keyboard it is recorded by the Red Alert Trojan’s and transmitted to the C&C server which is used by the hackers to hijack the account.
- The criminals can hide SMS messages coming from the bank to the user. These Red Alert 2.0 also block incoming calls from banks.The hackers easily hack the banking or social app and can drain the bank account.
Protect such android banking trojan
Users have to keep an eye on third party app stores and they have to disable the “Allow installation of apps from unknown sources” in settings and do enable only conformity to the law or to rules of the download source even the official Google play store itself.
Recently Russian Interior Ministry announced more than one million Android smartphone with a mobile Trojan called “CronBot” had stolen nearly $900,000 from bank accounts.
Keep safe your devices preventing this newly RedAlert 2.0 Android trojan.