Researchers at the cybersecurity firm Avast spotted a banking trojan capable of mimicking up to 50 legitimate banking apps in order to steal banking credentials.
The bot targets Android devices and can even enable attackers to prevent victims from receiving bank alerts of any unusual activities or transactions and the trojan is also able to intercept victim's SMS messages, according to The Sun Online.
People who visit porn sites on their mobile devices are particularly at risk because they could be fooled into downloading and installing the software, according to the publication.
The trojan is based on an a common “Android Trojan bot” designed by Russian hackers which has since been put on the open market where it has been bought, sold, and modified by cybercriminals. Researchers have spotted 200,000 variations of the trojan in the wild over the last three months.