Beware! Malicious banking app prowling the net


Teddy Njoroge,People Daily

This week a set of banking trojans were discovered and identified by ESET
researchers, had found their way past Google Play’s security mechanisms,
this time targeting a number of Polish banks.

Disguised as crypto monitor, a cryptocurrency price tracking app, and
StorySaver, a third-party tool for downloading stories from Instagram, the
malicious apps can display fake notifications and login forms seemingly
coming from legitimate banking applications.

Besides delivering the promised functionalities the apps are capable of
harvesting credentials entered into the fake forms, as well as intercept
text messages to bypass SMS-based 2-factor authentication.

This is just an example of some of the malware cases recorded by ESET in
2017. A few high –profile cases impacted millions of individual users while
dealing financial blows to major companies. Indeed, it is our hope that the
public now has a greater awareness of threats and their severity, but the
level of sophistication behind attacks continues to rise. What does this
mean for consumers?

Data is the new currency with consumers expecting to enjoy software at
little or no cost. Vendors are now also in the data-collection business,
increasing the cyber risks associated with data privacy. As a mobile first
generation, a big chunk of our lives and activities are conducted via the
mobile phone and other multiple connected devices.

According to technology research firm Gartner, more than 80 percent (352
million) of all mobile devices sold in the last quarter of 2016 ran on the
Android platform.

With this in mind and noting that as more mobile phones and Internet of
Things (IOT) devices connect to the web, the higher the potential for
cyberattacks on the back of our increased individual risk profile. But even
with this knowledge it is sad to note that many people still do not take
their mobile and IOT security with the due importance it deserves.

This lackadaisical attitude can be said to also affect the Small and Micro
business space, not just in Kenya but across the globe. As hackers and
cybercriminals become more sophisticated, it has never been more important
to protect your business and personal data with the highest level of

While it is fair to say that, ransomware and other manner of breaches will
tend to focus on the larger enterprises owing to the potential for huge
payoffs in credential theft and even ransom payments, perhaps it is time
that focus was also brought to bear on the risks posed to the individual by
unsecured mobile and IOT devices. The writer is country manager for ESET

kictanet mailing list