A new phishing campaign targeting Android users in Russia threatens to steal the mobile banking credentials of mobile banking users, according to post on the Symantec blog
Instead of creating an app that disguises itself as a specific banking app, the malware, Android.Fakelogin, masquerades as a mobile game that users download.
In speaking with SCMagazine.com, Satnam Narang, senior security response manager at Symantec, said the app searches for banking apps that may be running on the users' device, then creates an over page to disguise as that app. The mobile games that infect devices with the Android.Fakelogin malware, are not available on Google Play store, so Narang suggested that users only download apps from the official Google Play store.
The vulnerability was addressed by the most recent Android update, Marshmallow