The source code for an iBanking Android malware app was released on an underground forum, making it possible for a larger number of cyber criminals to launch attacks using this kind of mobile banking Trojan in the future. The Trojan, which the RSA researchers call iBanking, is used in conjunction with PC malware to defeat mobile-based security mechanisms used by banking sites. The malware allows an attacker to spoof SMS, redirect calls to any predefined phone number, capture audio using the device’s microphone and steal the phone book contacts. The RSA researchers said:
“The malware’s ability to capture SMS messages and audio recordings, as well as divert voice calls makes step-up authentication all the more challenging as fraudsters gain more control over the OOB [out-of-band] device. This highlights the need for stronger authentication solutions capable of validating users’ identities using multiple factors including biometric solutions.”