ESET uncovers an Android trojan, masquerading as flashlight app.
Android users were the target of another banking malware with screen locking capabilities, masquerading as a flashlight app on Google Play. Unlike other banking trojans with a static set of targeted banking apps, this trojan can dynamically adjust its functionality.
Aside from delivering the promised flashlight functionality, this remotely controlled trojan comes with a variety of additional functions aimed at stealing victims’ banking credentials. Based on commands from its C&C server, the trojan can display fake screens mimicking legitimate apps, lock infected devices to hide fraudulent activity and intercept SMS and display fake notifications in order to bypass two-factor authentication.
The malware can affect all versions of Android. Because of its dynamic nature, there might be no limit...(continued)