{"id":14311,"date":"2018-09-21T16:12:38","date_gmt":"2018-09-21T10:42:38","guid":{"rendered":"https:\/\/www.kaspersky.co.in\/blog\/mobile-malware-part-3\/14311\/"},"modified":"2019-11-22T15:30:26","modified_gmt":"2019-11-22T10:00:26","slug":"mobile-malware-part-3","status":"publish","type":"post","link":"https:\/\/www.kaspersky.co.in\/blog\/mobile-malware-part-3\/14311\/","title":{"rendered":"Mobile beasts and where to find them \u2014 part three"},"content":{"rendered":"<p><em>Previous parts:<\/em><\/p>\n<ul>\n<li><em><a target=\"_blank\" href=\"https:\/\/www.kaspersky.com\/blog\/mobile-malware-part-1\/22770\/\" rel=\"noopener noreferrer nofollow\">Mobile beasts and where to find them \u2014 part one<\/a>: Adware, subscribers, SMS flooders, DDoSers.<\/em><\/li>\n<li><em><a target=\"_blank\" href=\"https:\/\/www.kaspersky.com\/blog\/mobile-malware-part-two\/23350\/\" rel=\"noopener noreferrer nofollow\">Mobile beasts and where to find them \u2014 part two<\/a><\/em>:<em> ransomware, wipers, malicious cryptominers.<\/em><\/li>\n<\/ul>\n<p>In part three of our extensive study of mobile threats, we discuss malware whose primary purpose is to pinch valuable information.<\/p>\n<p>Our smartphones and tablets know almost everything about us \u2014 from contact details to bank card numbers and current location. This information is a goldmine for cybercriminals. As a result, the Web is full of all kinds of pests out to grab anything lying around (or carelessly typed).<\/p>\n<h2>Spyware<\/h2>\n<p><em><a target=\"_blank\" href=\"https:\/\/encyclopedia.kaspersky.com\/glossary\/spyware\/?utm_source=kdaily&amp;utm_medium=blog&amp;utm_campaign=termin-explanation\" rel=\"noopener noreferrer\">Spyware<\/a><\/em> is the name given to programs that, yes, spy on people. Like hidden cryptominers, spyware tries to lie low on your smartphone for as long as possible, which tends to make it very difficult to detect.<\/p>\n<p>Some types of spyware steal data \u2014 anything from user names and passwords to photos and geolocation data; other types stick to the spy game, recording audio, shooting videos, and so on.<\/p>\n<p>Here\u2019s what such malware is capable of:<\/p>\n<ul>\n<li>Stealing your e-mails and text messages (both SMS and IM) and forwarding them to cybercriminals,<\/li>\n<li>Recording phone conversations,<\/li>\n<li>Sending your device\u2019s GPS coordinates to scammers,<\/li>\n<li>Revealing your browser history and clipboard contents,<\/li>\n<li>Stealing personal or work documents, or any files from your phone,<\/li>\n<li>Turning on the microphone and\/or camera and sending out secretly recorded photos, audio, and video,<\/li>\n<li>Stealing social media and online bank account details,<\/li>\n<li>Collecting system information.<\/li>\n<\/ul>\n<p>For example, the Trojan spyware <a target=\"_blank\" href=\"https:\/\/www.kaspersky.com\/blog\/skygofree-smart-trojan\/20717\/\" rel=\"noopener noreferrer nofollow\">Skygofree<\/a> starts recording audio when the owner of the infected device is in a place selected by the spyware operators; it also harvests browser history, user names, passwords, and card numbers. It then connects to Wi-Fi all by itself and transfers the booty.<\/p>\n<h3>Keyloggers<\/h3>\n<p>Spyware can be general-purpose or specialized. For example, <a target=\"_blank\" href=\"https:\/\/encyclopedia.kaspersky.com\/glossary\/keylogger\/?utm_source=kdaily&amp;utm_medium=blog&amp;utm_campaign=termin-explanation\" rel=\"noopener noreferrer\">keyloggers<\/a> are malware programs that log keystrokes on the keyboard. Sure, modern phones have only virtual keys, but that\u2019s even better for keyloggers. Some masquerade as alternative keyboards, making it child\u2019s play to pick up what the user taps.<\/p>\n<h3>Banking Trojans<\/h3>\n<p>Another specialized breed of spyware, banking Trojans steal data linked to bank cards and apps. These monsters are quite popular with hackers because they provide a direct route into other people\u2019s accounts.<\/p>\n<p>Banking Trojans come in a variety of flavors, and in many cases they combine an array of functions. For example, many can overlay the banking app interface with their own, making it seem as though the user is entering data in the banking app while in fact giving it to the Trojan, which logs the details and feeds them into the banking client so that the user suspects nothing. Also, in many cases, mobile banking Trojans intercept SMS messages from banks containing confirmation codes or information about withdrawals.<\/p>\n<p>The Trojan <a target=\"_blank\" href=\"https:\/\/www.kaspersky.com\/blog\/faketoken-trojan-taxi\/18002\/\" rel=\"noopener noreferrer nofollow\">Faketoken<\/a>, for example, used windows imitating various apps that might reasonably be expected to request card data, including the CVV code, for entirely legitimate purposes. The program then intercepted the SMS duly sent by the bank and forwarded it to the cybercriminals, whereupon they could perform transactions in the name of the device owner.<\/p>\n<h3>How to guard against mobile Trojans<\/h3>\n<p>To protect yourself from all this Trojan mischief, it\u2019s worth following these few simple rules:<\/p>\n<ul>\n<li>Download apps only from official stores, such as Google Play. It won\u2019t provide a full security guarantee, but the risk of encountering a Trojan will be considerably lower. We also recommend that you block the installation of software from third-party sources in the device settings.<\/li>\n<li>Don\u2019t forget to install system and application updates \u2014 they patch vulnerabilities that criminals can exploit.<\/li>\n<li>Think hard before clicking on dubious links in e-mail or text messages.<\/li>\n<li>Pay attention to the permissions requested by apps during installation. See our <a target=\"_blank\" href=\"https:\/\/www.kaspersky.com\/blog\/android-permissions-guide\/14014\/\" rel=\"noopener noreferrer nofollow\">post about permissions and the dangers involved<\/a>.<\/li>\n<li>Install a good antivirus on your phone and scan the system regularly. For example, <a href=\"https:\/\/www.kaspersky.co.in\/mobile-security?icid=in_kdailyplacehold_acq_ona_smm__onl_b2c_kdaily_wpplaceholder_sm-team___kisa____ccbe3384bb4e1385\" target=\"_blank\" rel=\"noopener\">Kaspersky for Android<\/a> detects and neutralizes suspicious apps and keeps you away from malicious websites.<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Let\u2019s talk about mobile malware that can empty your bank account or spy on you.<\/p>\n","protected":false},"author":2484,"featured_media":14312,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[2196,9],"tags":[105,109,708,1362,36,97,45,689,527,268],"class_list":{"0":"post-14311","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-threats","8":"category-tips","9":"tag-android","10":"tag-apps","11":"tag-banking-trojans","12":"tag-keyloggers","13":"tag-malware-2","14":"tag-security-2","15":"tag-smartphones","16":"tag-spyware","17":"tag-threats","18":"tag-vulnerabilities"},"hreflang":[{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/mobile-malware-part-3\/14311\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/mobile-malware-part-3\/12000\/"},{"hreflang":"ar","url":"https:\/\/me.kaspersky.com\/blog\/mobile-malware-part-3\/6091\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/mobile-malware-part-3\/16292\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/mobile-malware-part-3\/14471\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/mobile-malware-part-3\/13423\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/mobile-malware-part-3\/17015\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/mobile-malware-part-3\/16309\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/mobile-malware-part-3\/21370\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/mobile-malware-part-3\/5284\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/mobile-malware-part-3\/23971\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/mobile-malware-part-3\/10992\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/mobile-malware-part-3\/10911\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/mobile-malware-part-3\/9769\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/mobile-malware-part-3\/17763\/"},{"hreflang":"zh","url":"https:\/\/www.kaspersky.com.cn\/blog\/mobile-malware-part-3\/12314\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/mobile-malware-part-3\/21654\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/mobile-malware-part-3\/23816\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/mobile-malware-part-3\/17385\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/mobile-malware-part-3\/21240\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/mobile-malware-part-3\/21247\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.co.in\/blog\/tag\/threats\/","name":"threats"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/posts\/14311","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/users\/2484"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/comments?post=14311"}],"version-history":[{"count":2,"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/posts\/14311\/revisions"}],"predecessor-version":[{"id":17263,"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/posts\/14311\/revisions\/17263"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/media\/14312"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/media?parent=14311"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/categories?post=14311"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/tags?post=14311"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}