Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Security Strategy, Plan, Budget, Incident Response, TDR, Threat Management, Threat Management, Malware, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Gugi mobile banking malware reportedly tweaked to defeat Android 6 security permissions

The developers of the mobile banking trojan Gugi have introduced modifications to sidestep two key security features of Android 6, Kaspersky Lab researcher Roman Unuchek has reported in the Securelist blog.

Gugi's “ultimate goal is to overlay banking apps with phishing windows in order to steal user credentials...” wrote Unuchek. However, unlike past iterations, Android 6 requires users to approve app overlays rather than automatically executing them, and also dynamically requires user permission before engaging in potentially dangerous in-app activities, such as SMS messaging or calls.

Gugi primarily infects Russia-based device owners via SMS spam that claims the user has received an MMS photo, the blog post continues. When users attempt to view the photo, the new Gugi variant – first discovered in June 2016 – asks for the right to draw over other apps. However, users do not appear to have a choice other than to agree. Once Android's overlay permissions feature is defeated, Gugi next blocks users from accessing their phones' features until they grant additional permissions to perform various dangerous acts that Android 6's dynamic permissions feature was designed to prevent.

Bradley Barth

As director of community content at CyberRisk Alliance, Bradley Barth develops content for SC Media online conferences and events, as well as video/multimedia projects. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.