Searching
..

Click anywhere to stop

Trojan-Banker.AndroidOS.Faketoken

Detect Date 08/20/2015
Class Trojan-Banker
Platform AndroidOS
Description

Malware in this family steals a user’s one-time banking password and is used in combination with Trojans. When the user is logged in to an online bank, the Trojans inject code into the web page. The web browser window, which is displaying the page of the online bank, asks the user to download an Android app. The user is falsely informed that the app is necessary for making safe banking transactions, and the page is modified to display a link to the Faketoken Trojan. When the downloaded malware is run on the user’s smartphone, the cybercriminal uses the malware to obtain access to the user’s bank account. Faketoken enables the cybercriminal to intercept one-time mTAN (mobile transaction authentication number) codes and transfer the user’s money to other accounts.

Malware in this family was first identified in late March 2013.

Top 10 countries with most attacked users (% of total attacks)

Country % of users attacked worldwide*
1 Russian Federation 86.60
2 Kazakhstan 3.82
3 Ukraine 3.47
4 Belarus 1.45
5 Uzbekistan 0.51
6 Germany 0.42
7 Azerbaijan 0.32
8 India 0.27
9 Kyrgyzstan 0.25
10 Tajikistan 0.25

* Percentage of all unique Kaspersky users attacked by this malware

Find out the statistics of the threats spreading in your region