According to a report from antivirus and cybersecurity company Quickheal, trojan malware is detected in android phones which is specifically targeting apps from major Indian banks. These malware apps are capable of stealing financial data as customers use online banking and payment systems. These trojan malware mask themselves under the icons of popular applications such as adobe flash player or even as android update icons. The trojan Android.Marcher.C uses the Flash Player icon, while Android.Asacub.T uses the update icon.
Once a malware trojan is installed on a phone then it tries to get special privileges and permissions by forcing user to click on the ‘activate’ button and even if the user selects the ‘cancel’ button the malware keeps asking the user to select ‘activate’ button in order to gain special privileges and permissions.
Once the application gains these permissions, they are constantly running in the background of a phone and this is just the first step for their operation. The app running in the background looks for other popular applications which can be then leveraged to steal your data and these apps can include whatsapp, facebook, instagram ,twitter etc.
Once the malware has detected these applications then it creates hoax notifications which on the surface look friendly and harmless and from the applications that you use everyday. Once you click on the notification the trojan asks for sensitive information like passwords, login information, credit card numbers which is then sent over to the malicious server. Unless this number is provided, this window prevents the user from accessing the app.