According to SyfLabs experts, Red Alert 2.0 can steal user’s credentials as well as their contacts. The malware also takes over SMS functions and blocks all calls associated with banks and financial associations.
When opening an application that is targeted by Red Alert, an overlay is shown to the user. When the user tries to log in they are greeted with an error page. The credentials themselves are then sent to the C2 server.
The malware managed to infiltrate several third-party app stores with fake apps, such as messengers, image tools and flash players. Red Alert 2.0 features other functions that have not been seen in other Android banking trojans. It was also written from scratch, rather than being an evolution from leaked sources of older Trojans.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now