AxBanker Mobile Malware Targets Indian Users
AxBanker is the name of a mobile malicious application that was used in attacks on Indian Android users.
The malware is specific to the Android platform and operates as a banking trojan. Reports state that it was distributed using phishing text messages, primarily to bank customers who were Indian residents and were using some of the biggest banking institutions in the country.
AxBanker comes in malicious apps for Android, doctored to resemble the visual style and using the branding and imagery of the real banks. The malicious app will ask victims to give it SMS permissions. This will allow the malware to grab multi-factor authentication codes such as single-use codes.
The fake apps also promise rewards and various discounts. However, in order to access the fake rewards, the victim is asked to provide a lot of sensitive information. The malware attempts to collect all sorts of data on its victims, which includes real, full names, mobile numbers, emails, dates of birth and even card numbers.
The wealth of information a user might disclose, thinking they are handing it to their bank, is staggering and can turn into a real privacy and security nightmare if the bad actors behind AxBanker use this information for malicious purposes.