New Overlay Malware Targets One Billion Android Devices
May 3, 2016
Shah Sheikh (1294 articles)

New Overlay Malware Targets One Billion Android Devices

A new malware, called overlay malware has just been discussed which affects the Android system. The malware works by tricking users of sharing their details and credentials.

There are two main operating systems which run on smartphones these days. The Android-iOS duopoly has not been removed for a long time now. Windows, BlackBerry have all tries with different operating systems but nothing significant has come up. But with widespread use comes different problems.

Google-owned Android is essentially run on more than 1.4 billion smart devices according to stats. That number is massive and is significantly impressive, but it has started to attract the wrong crowd. Hackers who feel they can gain from the widespread use of Android by a billion plus number of people in the world now see the Android system as a platform to gain money.

How the overlay malware works

Hackers use the overlay malware tries to trick users to share their information and credentials. They do this by placing one fake app as a replacement for a real app. An example is when you open a banking app on your device. If they place a fake app on it, they take you to a new window which asks for your online banking account details and therefore you have to put in your log in and password information again. Since they imitate the whole process of logging in into your bank account, that means things such as two factor authentication passwords, security questions and any other measures to set up and secure your account are revealed.

The idea is a good one because most of us even like it more when we are asked for details of our login rather than simply logging in without the input of a password as that makes it feel like you are just being watched somehow.

One (small) good in thing about the overlay malware is that due to its simple use they are now becoming much more expensive on the black market meaning much less people can afford them now. One of the malware, GM-Bot, one of the hottest and most effective of the overlay malware is going for over $15,000. It has had an increase from $5,000 just a few months ago. The prices are courtesy of IBM X-Force, which were taken from their talk with Kaspersky Lab.

The GM-Bot malware coding was leaked on the Internet just a couple of months back. And thanks to that, hackers got hold of the coding and have been trying high and low to rework the coding so as to make sure the common Internet security suite is unable to detect the malware. Hackers are mostly involved in the Android devices. In addition to the GM-Bot malware, other overlay malware available on the internet include the KNL Bot malware. It is going for $7,000 and also enables hackers to steal bank log-in and password details remotely.

The Cron Bot malware is also available for $7,000 and the Bilal Bot, which comes at a lower price of $3,000. Some of these malwares have been coded in such a way that Internet security systems will not be able to detect them.

One best way which is advised to keep your device safe from the malware is to keep your phone updated. It is believed the malware are only affecting the Android 5.0 and below, the Marshmallow 6.0 Android version is safe. Another thing is to avoid all these third party apps and instead, use apps from the Google Play Store.

Source | OppTrends