Monday, June 27, 2016

ONLINE BANKING USERS AT RISK: Android Banking Trojan “Marcher” is here again!


After Svpeng, which was the first of its kind, “Marcher” is now one of the most prevalent Android password stealers. It is designed to steal mobile app credentials from customers of a variety of banks.

Marcher at a glance

It first appeared in late 2013, when its main aim was to steal Google Play credentials and payment card data.

In 2014, the writers’ appetite got bigger. Using the same tactic, they started targeting financial institutions, primarily in Germany, but the list of targets was later expanded to include France, Poland, Turkey, the United States, Australia, Spain, Austria and others.

In 2015 we meet Marcher again. According to an IBM Security report, 66 companies, including 62 banks, Google email services, PayPal and 9 major banks from the UK, are on the target list.

The problem with Marcher is that it can be created and customized for each individual actor, so it is very possible that other Marcher samples will expand the target list and hit other regions.

Marcher giveaway on underground web forums

Marcher has been present on Russian underground web forums for years and is now quoted at around $5,000.

How can you become a victim?

Marcher is disseminated to potential victims through PC adware, mobile adware, links spammed on microblogging and social media services, as well as links in spam email messages and SMS messages.

How does it work?

According to PhishLabs, just like almost every other Android Trojan, it tricks users by displaying custom-made overlay screens that work on demand from a remote server under the attacker's control. In this way, everything you type into the webpage goes directly to the hacker.

It can hide itself perfectly, so in some cases you might think that you are clicking on a perfectly legitimate app, installer or site. This is shown by the fact that the newest sample was distributed as Adobe Flash Player installers, according to PhishLabs.

What can you do?

Zemana saw this coming and luckily found a solution. In order to protect banks and the customers using their services, we designed Zemana SafeOnline, which keeps you safe on desktop and Android devices from any kind of threat, even the most advanced ones.

Stay safe!



