Security researchers discovered that the Android malware identified as the GM Bot is now easier and more commonly available to cyber criminals. This increases their chances to steal personal information such as your banking, login, and card details when making use of this malware.
It is important to know that although the convenience of banking online with a hand held device is very lucrative, it is always better and way more secure to use a device such as a PC that is protected by BankVault.
According to security researchers, an “underground board” also known as an internet community of criminals and fraudsters, gained access to the resource code for the GM Bot and the control panel as well. More interesting, the access provided them with a tutorial and some instructions on how to install this malware on any kind of server.
The concern here is that these thugs are able to customize the GM Bot to attack users of Android apparatuses. It is used to deceive users into providing their credentials, banking details and passwords into simulated windows which in return forward all the details provided to the attacker. This allows them to gain access and steal from a victim’s account.
In addition to the already jeopardizing features, this malware also allows the attacker to have domination over phone calls and SMS texts that is supposed to provide supplementary security measures.
Some relief is that newer Android devices are fairly safe against this GM Bot due to integrated defense measures to address the susceptibilities this bot take advantage of. The problem is with older Android devices that are not this advanced. It was also reported in 2015 that the GM Bot is to target Australian bank account holders.
Users should protect themselves from this malware bot by taking the following steps:
- Not open attachments or links in any messages or emails received on a phone that is received from an unknown sender. If it seems to be suspicious, verify it with authentic sources directly via trusted contact details.
- Make sure all relevant security software and antivirus protection is up to date.
- In the event where a compromising link is opened, make sure to change all online banking details immediately. This will include passwords and usernames. Do not use the device to make these changes.
- Inform the relevant financial institution of the possible infection and request them to scrutinize your account for any suspicious activity.