A new malware targeting customers of Australia’s biggest banks
has been detected.

Westpac, Bendigo Bank, Commonwealth Bank, St. George Bank,
National Australia Bank, Bankwest and ANZ Bank have all been listed as under
threat.

The sophisticated virus, Android/Spy.Agent.Sl, has been discovered
by digital protection agency, ESET.

In a statement, ESET said the malware presents its victims
with a fake version of the login screen of their banking application and locks
the screen until they enter their username and password.

“Using the stolen credentials, the thieves can then log in
to the victim’s account remotely and transfer money out,” said ESET Malware Researcher
Lukas Stefanko.

“They can even get the malware to send them all of the SMS
text messages received by the infected device, and remove these.

“This allows SMS-based two-factor authentication of
fraudulent transactions to be bypassed, without raising the suspicions of the
device’s owner.

“The Trojan spreads as an imitation of Flash Player
application.

“After being downloaded and installed, the app requests
device administrator rights, to protect itself from being easily uninstalled
from the device.

“After that, the malware checks if any target banking applications
are installed on the device.

“If so, it receives fake login screens for each banking
app from its command and control server.

“Once the victim launches a banking app, a fake login
screen appears over the top of the legitimate app, leaving the screen locked
until the victim submits their banking credentials.”

Banks in New Zealand and Turkey have also been targeted.

HOW TO REMOVE THE MALWARE

For those
who believe they are infected by the malware, it can be removed by first decommissioning
administrator rights for the app by going to Settings > Device
Administrators > Flash Player > Deactivate.

The user
can then uninstall the malware app in settings.