Android has been a favorite target of cyber criminals from the long past. But this time, popular bank account trojan Gugi has hit Android Marshmallow to hack banking details from your device.
Gugi trojan has been known since December 2015 and comes in multiple variations. The trojan is capable of stealing mobile banking credentials of the user by replacing genuine banking apps with counterfeits. Additionally, the malware is capable of stealing credit card details.
Antivirus maker Kaspersky Lab reported that the Gugi now reached Marshmallow devices by fiercing the security layer. The modified version of Gugi trojan has circumvented some advanced security controls of Android 6.0 to spread infection.
“OS such as Android are continuously updating their security features to make life harder for cybercriminals and safer for customers,” said Roman Unucheck, senior malware analyst at Kaspersky Lab, in a statement. “Cybercriminals are relentless in their attempts to find ways around this, and the security industry is equally busy making sure they don’t succeed. The discovery of the modified Gugi Trojan is a good example of this.”
The infamous trojan prompts the user to provide access rights. It displays a message that reads, “Additional rights needed to work with graphics and windows.” There is no way to decline this access. You need to tap “Provide” button. The malware subsequently asked for permissions to authorize app overlay.
Researchers at Kaspersky Lab found that the trojan invariably asks for Device Administrator rights. This allows the malware code to access SMS and even make calls. If the user denies the access, it completely blocks the device.
According to statistics published by Kaspersky Lab, 93 percent of the victims of Gugi trojan attacks are from Russia. There has been ten times increase in the number of attacks and casualties since August this year.
Protection is possible
You can protect your Marshmallow device by carefully examine the rights and permissions an app asks at the time of its installation. Moreover, you should avoid clicking on links in unexpected messages and have to be cautioned about visiting suspicious websites.