The BSI (Federal Office for Information Security) warns of a new version of the “Marcher” Trojan.

The malware that wreaks havoc on Android cell phones tries to access the PIN and TAN numbers of the respective owner. Misusing them can cause significant financial damage to account owners . According to a report from ZDNet, a new version of the Marcher malware has now been discovered that is specifically aimed at Android operating systems. The Trojan is hidden in an alleged update for Adobe Flash Player.

Previously, the malware was only available through third-party websites and not through the Google Play Store. The update offered should therefore not be permitted under any circumstances.

image

What is “Marcher” exactly?

Marcher is a banking Trojan for Android devices. Banking Trojans intercept communication with your bank in order to obtain PINs and TANs. They can therefore cause you significant financial damage. In the case of Marcher, SMS messages with smsTAN/mTAN are intercepted and forwarded to the perpetrators.

How did I become infected with Marcher?

A possible route of infection is through another malware, for example a banking Trojan like URLZone/Bebloh, which has already infected PC For example, , this malware opens a pop-up window in your browser asking you to install an additional security application on your smartphone. Alternatively, you may have been sent SMS

What do I have to do now?

  1. Stop carrying out sensitive transactions on your smartphone or tablet.
  2. Use a virus scanner for Android or reset your smartphone to factory settings.
  3. If you have any doubts that the infection has been effectively eliminated, you should reset the device and reinstall the operating system.
  4. Before performing a cleanup, back up your personal information.
  5. Furthermore, change all your passwords on the cleaned system, as these may have been spied on by the perpetrators.
  6. If you use internet banking, please contact your bank so that it can take appropriate security measures.

Source: BSI

Sign up for the Mimikama newsletter

Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )