Android Banking Trojan Masquerades As Flash Player, Circumvents 2FA

A newly found Android trojan is targeting customers of large banks in Australia, New Zealand and Turkey. The banking malware, flagged as Android/Spy.Agent.SI by ESET security firm, disguises itself as Flash Player and spreads via unofficial app stores. It can steal login credentials of users from 20 mobile banking apps, and can also mimic login screens of popular services such as PayPal, eBay, Skype, WhatsApp and several Google services. The Android trojan is able to intercept SMS communications, which in turn, allows it to circumvent the two-factor authentication.

In conclusion

[Swampash]

Android