Thursday 14 January 2016

Android Bankosy: A Malware That Uses Call Forwarding To Intercept Voice Calls


Online theft has increased tremendously around the world. It may involve e-mail, social networking accounts, credit card information, and so on.

Android Bankosy is one kind of online-theft malware; it uses call forwarding to intercept voice calls that carry the passcode. It is a dangerous Trojan that attacks the computer system. It is usually bundled with free downloads and becomes active when the user downloads it. It can also spread to other systems through e-mail attachments. Once installed, it changes the start-up items so that it is activated when users boot their computers, and the PC also becomes extremely slow because of the infection.

One-time passwords, which are part of so-called two-factor authentication systems, are a crucial defense for online banking applications. According to new research from Symantec, they are now being intercepted by the Android Bankosy malware.

Online banking actions require one-time passwords, which are sent over SMS but can also be delivered via an automated phone call. Bankosy has been updated to forward all calls to the attackers and to disable and enable silent mode on the affected user's phone. Symantec detected Bankosy in July 2014.

How They Accomplish Their Task:

Dialing the service code in the format *21*[destination number]# enables call forwarding to that number; conversely, the service code #21# disables it.


Here is the blog post published by Symantec.

The malware starts a call intent with the destination number obtained from the C&C server to enable unconditional call forwarding on the target device. Figure 2 illustrates the cleaned up code responsible for accomplishing this functionality.
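A defender-side check for the service codes described above, as an added example that is not code from this post or from Symantec: it classifies dial strings and tel: URIs that would enable or disable call forwarding, and runs over a short log of outgoing call requests. The log format, package names and phone numbers are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Service codes as given in the text: *21*[destination number]# enables
# call forwarding, #21# disables it.
_ENABLE = re.compile(r"^\*21\*(\+?\d+)#$")
_DISABLE = re.compile(r"^#21#$")

# Constructed sample: timestamp, requesting package, dialed URI (assumed format).
SAMPLE_LOG = """\
2016-01-14T10:02:11Z com.example.dialer tel:15555550123
2016-01-14T10:05:40Z com.example.player tel:*21*15555550100%23
2016-01-14T10:09:02Z com.example.player tel:%2321%23
"""


def classify_dial_string(raw):
    """Return (action, destination); action is None for ordinary numbers."""
    s = raw.strip()
    if s.lower().startswith("tel:"):
        s = s[4:]
    # '#' (and sometimes '*') is percent-encoded inside tel: URIs.
    s = unquote(s)
    # Drop visual separators that a dialer ignores.
    s = re.sub(r"[\s\-().]", "", s)
    m = _ENABLE.match(s)
    if m:
        return ("enable_forwarding", m.group(1))
    if _DISABLE.match(s):
        return ("disable_forwarding", None)
    return (None, None)


def scan(log_text):
    """Return (line_no, package, action, destination) for forwarding changes."""
    findings = []
    for n, line in enumerate(log_text.splitlines(), 1):
        parts = line.split()
        if len(parts) != 3:
            continue  # not in the assumed three-field format
        _, package, uri = parts
        action, dest = classify_dial_string(uri)
        if action:
            findings.append((n, package, action, dest))
    return findings


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

A forwarding change requested by an app that is not the user's dialer, such as lines 2 and 3 of the sample, is the pattern worth alerting on.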

How We Can Remove This Android Malware:

It is designed using a rootkit technique, which makes it hard to remove. But there are ways to get rid of this tricky Trojan horse. Here are some methods:

1.    Remove Android.Bankosy using SpyHunter.
2.    Remove Android.Bankosy using manual removal.
3.    Remove the Trojan horse using ParetoLogic Internet Security.
4.    Remove the Trojan horse using BitDefender Internet Security.

Other preventive measures that you can take are:

1.    Keep your antivirus software updated.
2.    Avoid downloading from unknown sites.
3.    Back up your data.
4.    Carefully read the permission requests an app asks for.

Image Source: Symantec

