Trojan-Banker.AndroidOS.Acecard

Malware of this family monitors the applications that are running on a device. When a banking application is detected, for example, it is covered by a fraudulent window that displays HTML code received from a command server. In most cases, the window asks the user to enter bank card details.

In addition, the Trojan has the following additional capabilities:

• Intercept and spoof SMS messages.
• Obtain GPS coordinates.
• Intercept calls.

Geographical distribution of attacks by the Trojan-Banker.AndroidOS.Acecard family

Geographical distribution of attacks during the period from 28 June 2015 to 28 June 2016

Top 10 countries with most attacked users (% of total attacks)

* Percentage among all unique Kaspersky users worldwide attacked by this malware