More than 16,000 people in 27 countries have fallen victim to the modification, which targets more than 2,000 Android financial apps.
According to Kaspersky, the mobile banking trojan, referred to as a modification of Trojan-Banker.AndroidOS.Faketoken is distributed under the guise of various programs and games, often imitating Adobe Flash Player.
Using a phrase from the database, depending on the language of the user, the trojan will display various phishing messages. If a message is clicked, the trojan opens a phishing page aimed at stealing passwords from Gmail accounts. It also overlays the original Gmail app with one appearing to have the same purpose.
Kaspersky Lab provided a detailed list of things the trojan is capable of, including blocking the device in order to extort money for unblocking it.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now