IcSpy Mobile Malware Targets Bank Customers
IcSpy is the name of a strain of mobile malware that can infect Android devices. The malware was used in a campaign targeting victims located in India and customers of Indian banking institutions.
There have been other malicious apps posing as legitimate banking applications and abusing branding and imagery used by real Indian banks. IcSpy is another variation of this, being another Android banking trojan.
The malware was spotted disguised as a fake app, trying to mimic a State Bank of India application for Android.
The malicious application is distributed using phishing mobile text messages. The text messages contain a bad link to a page that will advertise the fake State Bank of India application, called "SBI Quick Support".
The malware can collect various information about the compromised device and can intercept text messages, which means it can obtain multi-factor authentication codes from legitimate apps, that are often sent using SMS.