Mobile Banking Trojan Campaigns Target Indian Android Users

Mobile banking Trojans spread through deceptive social media messages remain a problem for Indian smartphone users, warns Microsoft.

See Also: Live Webinar | Generative AI: Myths, Realities and Practical Use Cases

India accounts for 4 in 10 global transactions made with digital payments, according to the National Payments Corporation of India – a development facilitated by ubiquitous QR codes and a national digital identity program known as Aadhaar that covers nearly every Indian.

Microsoft said in a Monday blog post that mobile malware infections aren’t a new threat to Indian users, but they “pose a significant threat” of financial loss and data theft.

Fraudsters use WhatsApp and Telegram to distribute malicious apps masquerading as legitimate banks, government services and utilities software. Hackers are using a relatively new tactic of directly sharing malicious Android app files with the mobile users over messaging platforms.

Ongoing campaigns led to the discovery of two fraudulent applications designed to deceive Indian banking customers.

Targeting Account Information

Threat actors used WhatsApp in a recent, widely circulated phishing campaign to deliver a fake banking app disguised as a “know your customer” app that tricks users into submitting…