Android Malware Blocks Mobile Antivirus Apps from Launching

[Jack]

One Android banking trojan has borrowed a trick from its desktop counterparts, and besides stealing login credentials from banking apps, this threat also sabotages mobile antivirus applications and prevents them from launching.

For the moment, this Android banking trojan is active only in Germany and targets the mobile apps of 15 German banks.

Discovered by malware analysts at Fortinet and tracked as Android/Banker.GT!tr.spy (Banker.GT for this article), this threat is your run-of-the-mill Android banking trojan.

The one feature that allows it to stand out is its ability to detect the presence of local mobile security applications and block them from starting. The list of Android security software includes the following apps:

avg.antivirus
com.anhlt.antiviruspro
com.antivirus
com.antivirus.tabletcom.nqmobile.antivirus20
com.bitdefender.antivirus
com.cleanmaster.boost
com.cleanmaster.mguard
com.cleanmaster.mguard_x8
com.cleanmaster.sdk
com.cleanmaster.security
com.dianxinos.optimizer.duplay
com.drweb
com.duapps.antivirus
com.eset.ems.gp
com.eset.ems2.gp
com.kms.free
com.netqin.antivirus
com.nqmobile.antivirus20.clarobr
com.piriform.ccleaner
com.qihoo.security
com.qihoo.security.lite
com.referplish.VirusRemovalForAndroid
com.sonyericsson.mtp.extension.factoryreset
com.symantec.mobilesecurity
com.thegoldengoodapps.phone_cleaning_virus_free.cleaner.booster
com.trustlook.antivirus
com.womboidsystems.antivirus.security.android
com.zrgiu.antivirus
droiddudes.best.anitvirus
oem.antivirus

To be able to do this, when users install the app tainted with the Banker.GT trojan, the user must give it administrator rights.

Read more: Android Malware Blocks Mobile Antivirus Apps from Launching

 

[tim one]

This happens because in Android the termination of processes, and then of the antivirus is trivial thing with admin rights.
I use Zemana and it seems to be not present in the list But probably the list will be constantly updated by the malcoder.

 

[DardiM]

I voted "yes"
Even if I downloaded 0 apps : only the AV, and auto updates of already installed apps (present when I purchased the phone)

 

[ttto]

I think Android malware is evolving very quickly. Although you can be fine without AV if you only install certain apps from Play Store, I found web protection very useful, that's the main reason I've one installed in my tablet. I saw Norton on the list. In my tablet is still launching though.

 

[tim one]

I think Android malware is evolving very quickly. Although you can be fine without AV if you only install certain apps from Play Store, I found web protection very useful, that's the main reason I've one installed in my tablet. I saw Norton on the list. In my tablet is still launching though.

I use Zemana Mobile Security and Adguard free version that offers a good web protection from ads and malversting that in my country are often the cause of click-trap paid subscriptions..

 

[ttto]

I use Zemana Mobile Security and Adguard free version that offers a good web protection from ads and malversting that in my country are often the cause of click-trap paid subscriptions..

Here, there is a lot of ads, that ends in a fake app download. Zemana+Adguard seem to be effective! Firefox+Norton work fine to me!

 

[Svoll]

Android or mobile malware is really evolving, I recall when i got my first android phone, there was no malware or virus programs available. Looking at the list, Hope malwarebytes doesn't show up on it. Thanks for an informative post OP.

 

[Solarquest]

I cannot imagine a smartphone nowadays without an AV...too many devices are not and cannot be updated and are too vulnerable.
AV and safe habits are the best, if not only, real defence...
I used Avast before and Kasperky right now, happy they are not on the list, yet..

 

[jamescv7]

You can have no any security programs installed, the concept of attacks in Android and Windows are different.

Remember that if you think worried for installing unknown sources then put an AV.

 

[Vanduss]

im using zemana mobile antivirus so i guess im not affected by that?