- Jun 9, 2013
- 6,720
Security experts are warning Android users of a well-known banking trojan which is being spread by the Google AdSense network, meaning users only need to visit a legitimate site to get infected.
Kaspersky Lab malware analysts Mikhail Kuzin and Nikita Buchka explained in a blog post yesterday that the Svpeng trojan was infecting visitors to a popular banking portal without the need to follow malicious links.
This isn’t the first example of such a campaign. The duo claimed that the Meduza news portal was forced to disable AdSense after unwittingly serving up an earlier version of the trojan to visitors.
“The Svpeng family of banking Trojans has long been known to Kaspersky Lab and possesses a standard set of malicious functions,” they wrote. “After being installed and launching, it disappears from the list of installed apps and requests the device’s admin rights (to make it harder for antivirus software or the user to remove it).”
The trojan is designed to steal bank card data via phishing windows and intercept, delete and send SMS messages in order to attack mobile banking systems that rely on texts to communicate information.
The malware has also been built to bypass mobile security tools, they said.
“In addition, Svpeng collects an impressive amount of information from the user’s phone – the call history, text and multimedia messages, browser bookmarks and contacts,” they added.
“Be careful and use antivirus solutions.”
Full Article. Banking Trojan Found on AdSense Network
Kaspersky Lab malware analysts Mikhail Kuzin and Nikita Buchka explained in a blog post yesterday that the Svpeng trojan was infecting visitors to a popular banking portal without the need to follow malicious links.
This isn’t the first example of such a campaign. The duo claimed that the Meduza news portal was forced to disable AdSense after unwittingly serving up an earlier version of the trojan to visitors.
“The Svpeng family of banking Trojans has long been known to Kaspersky Lab and possesses a standard set of malicious functions,” they wrote. “After being installed and launching, it disappears from the list of installed apps and requests the device’s admin rights (to make it harder for antivirus software or the user to remove it).”
The trojan is designed to steal bank card data via phishing windows and intercept, delete and send SMS messages in order to attack mobile banking systems that rely on texts to communicate information.
The malware has also been built to bypass mobile security tools, they said.
“In addition, Svpeng collects an impressive amount of information from the user’s phone – the call history, text and multimedia messages, browser bookmarks and contacts,” they added.
“Be careful and use antivirus solutions.”
Full Article. Banking Trojan Found on AdSense Network
