Security watchdog Kaspersky Lab has uncovered a new banking Trojan project on the Android mobile platform, reminding users how many vulnerabilities they may be facing.
According to a report by Kaspersky Lab, even by viewing their favorite news sites or performing any simple tasks on their mobile Android devices, users can end up downloading last-browser-update.apk, which is actually a bank Trojan detected as Trojan-Banker.AndroidOS.Svpeng.q.
It turns out to be a malicious program downloaded via the Google AdSense adverting network. A large number of websites are using it to display targeted advertisement to users because it is easily available and they make a profit every time a user clicks on it. The platform seems to have failed to prevent creators of the malicious program from publicizing it via AdSense. Kaspersky Lab found that the Trojan is downloaded as soon as a page with the advert is visited.
“The Svpeng family of banking trojans has long been known to Kaspersky Lab and possesses a standard set of malicious functions. After being installed and launched, it disappears from the list of installed apps and requests the device’s admin rights,” the report stressed that such kind of malicious attacks are not new.
Malware such as Svpeng can steal information about the user’s bank cards via phishing windows, intercept, delete and send text messages and counteract mobile security solutions that are popular in Russia by completing their processes. In addition, Svpeng collects a large amount of information from the user’s phone, including but not limited to, the call history text and multimedia messages, browser bookmarks and contacts.
If you’re worried about your device’s safety, read up on our list of best VPNs for Android.