The Trojan Malware known as 'Android.banker.A2f8a' has reportedly targeted 232 apps including that of a few Indian Banks. It was spotted by Quick Heal Security Labs that the malware is designed to steal personal data from users.
The trojan is reportedly distributed through a fake Flash Player app, which on getting downloaded looks for the 232 banking and cryptocurrency apps. It then generates a fake notification of the targeted apps and asks users for their credentials and ultimately tricks them by stealing their Login details and password.
The targeted banking apps are Axis mobile, HDFC Bank MobileBanking, SBI Anywhere Personal, HDFC Bank MobileBanking LITE, iMobile by ICICI Bank, IDBI Bank GO Mobile+, Abhay by IDBI Bank Ltd, IDBI Bank GO Mobile, IDBI Bank mPassbook, Baroda mPassbook, Union Bank Mobile Banking, and Union Bank Commercial Clients.
The malware is said to intercept incoming and outgoing SMS from phones that are infected. This allows it to bypass the OTP based authentication.
It is has been advised by the Quick Heal Labs to not download apps from third-party app stores or links provided in SMS and emails. Android users should rely on Google Play Store.
Also, it should be noted that Adobe Flash player has been discontinued after Android 4.1 version. It comes integrated within the mobile browser. There is no official Adobe Flash player app available on the Google Play Store.