The smartphone revolution is enabling the harvesting of banking information and credit card numbers in new ways. There were almost 100,000 malicious modifications to mobile malware in 2013, with over 98% connected to the Android platform. Sandroid is the latest high-profile mobile Trojan, wreaking havoc amongst middle-east banking customers.
This botnet is spreading with the help of malicious Android apps. Reliable banks from the middle-east are being used as bait. These include Riyad Bank, SAAB, AlAhliOnline (NCB), Al Rajhi Bank and the Arab National Bank.
Almost 3000 mobile phones have already been infected by the malicious scheme, with an estimated 28,000 text messages intercepted for manipulative use. The Russian spyware was exposed by security expert Brian Krebs.
The hacking methodology is simple. Computers are contaminated with malware using traditional phishing techniques. Pop-up boxes creep up on the screen, asking the victims to download a banking security app on their mobile phone. This obviously is a scam, as these apps are actually spyware that are designed to harvest private information.
Nicknamed Sandroid, this malware intercepts all incoming SMS messages and harvests relevant banking information. The victim’s code, username and password are exposed without much trouble and are automatically transferred to the botnet-master. Krebs traced the botnet activity to a Russian Mobile Telesystems SIM card currently active in Moscow.
The good news is that users with even basic Android anti-virus solutions can easily trace the aforementioned malware, which has a simple signature. Besides adopting safe browsing habits on the computer, Android users have to beef up their mobile security awareness to combat malicious Trojans like Sandroid and other dangerous cyber-threats.
Sandroid is not a vulnerable app, but official apps do need to be vulnerability-free. This can be achieved by implementing the right tools to create a safe Software Development Life-Cycle (SDLC). Source Code Analysis (SCA), a SAST solution, can be fully integrated into the development process, shortening production times, saving resources and cutting costs.
Sign up today & never miss an update from the Checkmarx blog
Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.
Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.