A malicious app targeting Android users has grown so fully featured that researchers said it has become one of the most expensive pieces of malware available in underground markets. The story helps demonstrate the high potential of Android-based trojans as operators of traditional PC-based fraud search for ways to bypass the increasing use of two-factor authentication.
Not long ago, the so-called iBanking malware package offered little more than a way for traditional PC trojans that target online bank accounts to bypass two-factor authentication protections. While the interception of incoming and outgoing SMS messages remains the main selling point, iBanking has morphed into the Swiss Army knife of Android malware. Included in the $5,000 fee is the ability to redirect incoming voice calls, covertly capture sounds within range of the device's microphone, track geolocation, access the file system, and remotely corral the device into sprawling mobile botnets that use either HTTP or SMS to communicate, depending on the current network status of the infected handset.
An analysis published Tuesday by researchers from Symantec explained: