Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Russian mobile banking Trojan gets ransomware features, starts targeting US users

Lucian Constantin | June 13, 2014
A new variant of the Svpeng malware locks Android devices and displays fake warnings from the FBI, researchers from Kaspersky Lab said.

The new Svpeng variant doesn't steal mobile banking credentials, but there are indications that this feature is being planned. The malware checks to see whether mobile banking apps from several U.S. financial institutions including American Express, Citibank, Chase Bank, Wells Fargo, Bank of America, TD Bank and BB&T are installed on the affected devices and uploads the scan results to its command-and-control server.

"The cybercriminals are probably just gathering statistics about the use of these apps on infected devices," Unuchek said. "Considering that Svpeng is, first and foremost, a banking Trojan, we can expect to see attacks on the clients of these banks who use mobile apps to manage their accounts."

 

Previous Page  1  2 

Sign up for Computerworld eNewsletters.