The National Information Technology Development Agency (NITDA) has alerted the general public, especially mobile bank app users, of a new malware, Nexus Android trojan, that is designed to operate stealthily, with the ability to hide from detection and evade security measures.
In an advisory issued on Thursday, NITDA warned that a variety of different banking and financial apps are susceptible to attack by this Trojan, saying that this malware is being distributed through phishing pages disguised as legitimate websites called YouTube Vanced.
The capability of this malware, according to the NITDA, includes the ability to intercept and steal sensitive data, including login credentials, credit card information, and other financial information once it has been installed on a device.
Additionally, NITDA noted that the malware also could intercept codes from the Google Authenticator app as well as two-factor authentication messages delivered by text. The banking malware can also delete text messages that have been received on an infected device and periodically update itself by pinging a command-and-control server that is under the control of cybercriminals.
The agency, however, advised that to keep the device from being infected by this Nexus Android trojan, users need to avoid clicking on ads or unverified links, avoid visiting or downloading apps from unauthorized websites and also ensure that the device is protected with an active Antivirus software.
