Kaspersky Lab has discovered a new version of something called “Gugi” malware, specifically targeting banking apps on Android devices.
The malware typically comes in via an unrecognized text message with a link included. When the link is clicked on, users are prompted to install software and accept security prompts for “additional rights to work with graphics”. If the malware is installed and security prompts are accepted, the app attempts to put an overlay over banking apps to steal login information as it is entered.
Many of the attacks have been in Russia, but it has also affected the U.S. as well.
ACTION: We suggest making sure your Android device is up to date and also make sure to not click on anything that is unfamiliar or looks suspicious. If you think that your credentials have been stolen, contact your bank immediately as well as your IT staff to clean your device.
Contact us for more information or help at: