Source Code for Android iBanking Bot Surfaces on Underground Forum

BY GreenBot Staff

Published 21 Feb 2014

The source code for an Android mobile banking Trojan app has surfaced on an underground forum, making it possible for many cybercriminals to launch attacks using this kind of malware in the future. The Trojan app initially appeared on the underground market late last year with a price of $5,000. Researchers from RSA, the security division of EMC, spotted the recent source code leak. The RSA researchers call the malware app iBanking, which is used in conjunction with malware to defeat the mobile-based security mechanisms used by banking sites.
Most malware that targets online banking users can inject content into browsing sessions. This capability is used to display rogue forms on banking sites to steal users’ login credentials and other sensitive financial information. Such malware can also ride victims’ active online banking sessions to initiate rogue transactions from their accounts.
Many banks responded to these threats by implementing two-factor authentication and transaction authorization systems that work by sending unique one-time-use codes to their customers’ registered phone numbers via SMS. Faced with an increasing need to access their victims’ text messages to defraud them, attackers have created mobile malware like iBanking.

All About iBanking

The iBanking malware is distributed through an HTML injection attack on banking sites that social-engineers victims into downloading a so-called security app for their Android devices, the RSA researchers said in a blog post.

What It Can Do

In addition to capturing incoming and outgoing text messages, the iBanking app can redirect calls to a pre-defined phone number, capture audio from the surrounding environment using the device’s microphone, and steal data such as the call history log and the phone book, the researchers said.
The malware connects to a command-and-control server, allowing attackers to issue commands to each infected device. This makes iBanking not just a Trojan app, but also a botnet client.
The iBanking source code leak spotted by the RSA researchers involved the source code for the malware’s bank-based control panel and a script that can customize the iBanking app’s Android application package with different configurations.
The malicious app can be customized to look like a security app created by the financial institution. During installation, it asks for administrative rights, which can make it harder to remove later, the RSA researchers said.
The leak of source code for other commercial online banking malware programs, such as Zeus, led to many attacks using those threats and enabled cybercriminals to create more sophisticated Trojan programs based on them.
As a result of this code leak, Trojan bot masters are in a better position to incorporate an advanced mobile counterpart into their bank-based attacks, affording them control over their victims’ smartphones.
The malware’s ability to capture SMS messages and audio recordings and to divert voice calls makes step-up authentication all the more challenging as fraudsters gain more control over the OOB [out-of-band] device, the researchers said. This highlights the need for more robust authentication solutions to validate users’ identities using multiple factors, including biometric solutions.
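For defenders triaging Android apps that pose as bank security tools, the combination of behaviours described above (SMS capture, call redirection, audio capture, call log and phone book theft, plus a request for administrative rights) can be checked against an app's decoded manifest. The following is an added example, not code from the article or from RSA; the permission mapping, the review threshold, the function names and both sample manifests are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = "{http://schemas.android.com/apk/res/android}"
# Assumed mapping from behaviours named in the article to standard Android
# permissions; the article does not list the permissions iBanking requests.
BEHAVIOUR_PERMS = {
    "sms_capture": {"android.permission.RECEIVE_SMS", "android.permission.READ_SMS"},
    "call_redirect": {"android.permission.CALL_PHONE"},
    "audio_capture": {"android.permission.RECORD_AUDIO"},
    "call_history": {"android.permission.READ_CALL_LOG"},
    "phone_book": {"android.permission.READ_CONTACTS"},
}
ADMIN_ACTION = "android.app.action.DEVICE_ADMIN_ENABLED"

def triage_manifest(manifest_xml):
    """Flag a decoded AndroidManifest.xml for manual review."""
    root = ET.fromstring(manifest_xml)
    requested = {e.get(NS + "name") for e in root.iter("uses-permission")}
    behaviours = sorted(b for b, p in BEHAVIOUR_PERMS.items() if p & requested)
    # A device-admin receiver is what lets an app ask for administrative rights.
    admin = any(
        r.get(NS + "permission") == "android.permission.BIND_DEVICE_ADMIN"
        and any(a.get(NS + "name") == ADMIN_ACTION for a in r.iter("action"))
        for r in root.iter("receiver"))
    # Heuristic threshold (an assumption): SMS access + admin + 2 more behaviours.
    review = admin and "sms_capture" in behaviours and len(behaviours) >= 3
    return {"behaviours": behaviours, "device_admin": admin, "review": review}

def _manifest(package, perms, admin_receiver):
    """Build a constructed sample manifest (not taken from any real app)."""
    uses = "".join('<uses-permission android:name="android.permission.%s"/>' % p for p in perms)
    recv = ('<receiver android:name=".Admin" android:permission="android.permission.BIND_DEVICE_ADMIN">'
            '<intent-filter><action android:name="%s"/></intent-filter></receiver>' % ADMIN_ACTION
            ) if admin_receiver else ""
    return ('<manifest xmlns:android="http://schemas.android.com/apk/res/android" '
            'package="%s">%s<application>%s</application></manifest>' % (package, uses, recv))

SAMPLE_LOOKALIKE = _manifest("com.example.banksecurity",
    ["RECEIVE_SMS", "CALL_PHONE", "RECORD_AUDIO", "READ_CALL_LOG", "READ_CONTACTS"], True)
SAMPLE_SMS_APP = _manifest("com.example.messenger", ["RECEIVE_SMS", "READ_CONTACTS"], False)

if __name__ == "__main__":
    for name, xml in (("lookalike", SAMPLE_LOOKALIKE), ("sms app", SAMPLE_SMS_APP)):
        print(name, triage_manifest(xml))
```

A hit is a prompt for manual analysis, not a verdict: legitimate device-management and messaging apps can request overlapping permissions.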