New banking malware called Red Alert 2.0 has been discovered by SfyLabs. The Trojan exfiltrates personal data, steals contact information and uses a range of techniques that make it a significant threat to Android users.
According to SfyLabs, Red Alert 2.0 has been distributed over the past few months through third-party app stores. The malware is built on new code and applies a range of techniques to steal victims' data covertly.
Red Alert 2.0 shares features with other banking Trojans targeting Android. The Trojan compromises the device after the user downloads an infected app and takes no action until the victim runs a social media or banking app. Over 60 apps were targeted in total.
Once a targeted app is launched, the Trojan starts working. First, it displays an HTML-based overlay on the victim's screen, which tells the user there is a problem and asks them to re-enter and confirm their credentials. Next, Red Alert 2.0 steals the credentials and transmits them to its command-and-control (C&C) server.
The cybercriminals behind the Trojan use the stolen credentials to make transactions from bank accounts and to send spam via social media. In addition, Red Alert 2.0 lets the threat actors collect information from contact lists.
The Trojan was spotted being advertised on a Russian-based hacking forum and is available for rent for only $500.
According to the malware experts at SfyLabs, Red Alert 2.0 includes several innovative features. For instance, when the Trojan cannot contact the C&C server, it falls back to social media networks and uses accounts there to retrieve updated server data.
The developers constantly add new features and update the Trojan. According to Security Week, one of the newest features is the ability to block calls from banks so that victims cannot be informed about the malware's activity.
Android has become a popular target for cybercriminals because of the growing presence of mobile financial services.
When it comes to protection, the best advice is not to download any apps from third-party stores or unknown developers.