Android Lokibot, a “malware” that infects mobile banking systems
The main countries affected by number of devices have been Germany, Turkey, Iran, Colombia and Hungary
Experts in cyber-security have alerted a new family of “malware-malicious code-banking for mobile called Android Lokibot that subtracts information from credit cards and injects malicious code into mobile banking systems.
Although this “malware” usually affects desktop and laptop computers, “we are starting to see how many more attacks on mobile devices are being recorded,”.
Tips for Mobile Banking Security
Among other features, in addition to stealing credit card information, Lokibot injects malicious code, affecting communications and any relationship between the infected device and mobile banking systems for certain entities in several countries, mainly in Europe. Experts believe that “this malware has been able to modify web pages of up to 50 banks in 8 countries in Europe to ask for more information about the user”.
S21sec’s chief of cybercrime explained that “at the beginning of the investigation we located in a forum how a cyberdilquencente sold this pirate tool to offer it to other computer criminals for 2,000 dollars .” This type of illegal tools that violate users’ privacy is sold in forums of the ‘deep web’ (the area of the web that is not indexed by conventional search engines) where only users are allowed to enter That they know “.
At the statistical level, “the main countries affected by a number of devices have been Germany, Turkey, Iran, Colombia, and Hungary,” explains this expert. “At the moment we are in the investigation we can not calculate what the total number of devices affected, but in a preliminary state we have seen thousands of accounts affected,” he says.
However, among the countries that are likely to be attacked are many others, including Spain, “although there is no record of any infections so far” , points out Avila, who acknowledges that Europol has already been made aware of Information obtained in its investigations, “which will be responsible for the affected entities to quantify what has been the impact of the threat” since at the moment no data on economic losses are handled.