The year 2017 introduced a lot of threats into the technology world. From cloud infrastructures to private data centers, nothing can be considered fully secure. One of the major threat to the Internet environment is malware. These are trained bots or software tweaks assisting hackers belonging to different organizations within the dark web. Malwares collect valuable information, create leak holes or leave a virus within a specific system. With the intent of damaging your technology infrastructure, a malware is designed to dismantle or penetrate all global security systems.

Since, nothing is safe, no matter how much the technology giant claims, neither is your Android phone. This year security researchers have analyzed that there is a new malware threat gaining recognition and it is smart enough to trap anyone into its looming danger. A 3-pronged banking malware known as the Marcher Malware is designed to attack your system in three ways; It performs identity theft, steals credit card information and leaves a Trojan behind.

It is mostly observed targeting the banking industry and prevailed occurrences of this malware has been detected among customers of Raiffeisen Meine Bank, Sparkasse and Bank Austria.

How Does the Attack Take Place?

It works through a phishing message cloaked under the title of the bank associated with the customer. The message contains a short link from a trusted source (e.g. bit.ly) well obscured within the sent email. The link directs the customer to a fraudulent bank page where the customer is asked to enter their bank account and PIN information.

The next step further inquiries the customer to fill in their personal detail such as their email ID and password.

Once all the information is fed to the system, the hacker harvests the information and make transaction and transfers from the individual’s bank account using his/her details. Still, the attacker cannot perform cyber theft unless the permission is allowed by the customer itself and here’s where the Malware comes in action. As soon as the information is uploaded by the individual, they are prompted with a pop up screen to download the “bank’s security application”.

As soon as you install the application on your Android phone, just like any other application on Android, it asks you to allow permissions for just about everything from reading, receiving, sending texts, reading address books, opening network socket layers, becoming the administrator, changing configurations to even locking your smart device up.

While we agree to such terms thinking that Android will supervise it for us, the case is a whole lot different with this Malware. Almost 7% of the targeted victims who downloaded the application also informed that if Google Play Services are running in the background, the application also inquires you to fill in your credit card details.

The director of 250ok, Matt Vernhout in his session with the Tech News World says:

Marcher Malware campaign in Austria is significantly more coordinated than the standard email attack; however, it may have limited impact as the number of steps required to complete the attack maybe more than most individuals are willing to complete

The growth patterns of this 3 phase malware attack shows that it is likely going to infect the world more in the coming year. It has been seen operating worldwide and socially engineered to penetrate secure infrastructures using different tactics.

How Can You Stay Secure?

  1. First of all, keep your Android phones up to date with the latest operating system and refrain from installing applications other than the Google trusted resource, The Google Play Store.
  2. Secondly, individuals should stay vigilant and confirm before clicking on any link that inquires to feed in their personal information, banking details and so on.
  3. Do not allow permissions to applications unless you are perfectly sure that it comes from a trusted resource. Ensure the maximum security; keep your finances and your Android devices safe.
Share This