Android Malware Targets Facebook Users

The Heartbleed bug is still a very real issue for IT admins, but itEUs far from the only issue. The latest woe comes in the form of a malicious Android application called iBanking. When you install it on your mobile phone it can spy on your communications.

Security researchers at ESET, an antivirus vendor, identified the malware. Calling it a bot, the firm said it has phone-specific capabilities that range from capturing incoming and outgoing text messages to redirecting incoming voice calls to grabbing audio using the deviceEUs microphone.

EUAs reported by independent researcher Kafeine, this mobile application was for sale in underground forums and was used by several banking Trojans in an attempt to bypass a mobile two-factor authentication method put forth by some financial institutions,EU Jean-Ian Boutin, a malware researcher at ESET, wrote on the companyEUs blog.

From Banking to Facebook

Boutin explained that several banks around the world use this method, which is called EUmobile transaction authorization numberEU or mToken in the financial realm, to authorize banking operations. However, it seems popular Internet giants like Facebook, Twitter and Google have also picked up the method.

EUThe way iBanking is installed on the userEUs mobile is quite common, but it is the first time we have seen such a mobile application targeting Facebook users for account fraud,EU Boutin said. EUAlthough the Facebook two-factor authentication feature has been around for quite a while, it may be that there is a growing number of people using it, thus making account takeover through a regular account credentials grabber ineffective.EU

Boutin said now that mainstream Web services such as Facebook are also targeted by mobile malware, it will be interesting to see whether other types of malware will start using webinjects, free tools for automated testing of Web services and Web apps.

EUWill we see content injection...

Comments are closed.