Tech & Science Protect Your Banking Data From This New Android Threat

© Getty Image: Getty Images

A new malware threat has been found lurking in the depths of Google's Play Store and this time it's coming for your banking details. Here's what you need to know.

Researchers at Lookout, a mobile cybersecurity company, found a number of Android apps on the Google Play Store had been exploited by a vulnerability called Strandhogg.

The vulnerability allows hackers to pop an overlay over common apps in order to capture information entered. The affected apps could pretend to be your bank app, for example, and when you enter your banking details, it would capture your login credentials and use them to access your bank account. Lookout found 36 apps had been exploiting the vulnerability but did not name which ones specifically.

Why you'll see heavily armed police at airports this Christmas

Anti-terror police armed with assault rifles will patrol Brisbane and Canberra airports this Christmas. The squads will then be added to seven more airports over the next 18 months.The extra 135 officers will be armed with MK18 short-barrelled rifles and trained to assess hostile threats and behaviour.They will be accompanied by bomb-detection dogs.© AFP/Facebook Anti-terror police armed with assault rifles will be patrolling Brisbane and Canberra airports this Christmas, before being rolled out in Sydney, Melbourne and Perth in the next few months.

2. Mobile banking threats . In 2017, the mobile banking Trojan BankBot snuck into Google Play on numerous occasions, circumventing Google’s automated checks and affecting Stay protected . Be smart with your smartphone and follow these tips to keep yourself and your device secure.

Here are 5 common mobile threats and steps to help protect yourself from them. In fact, the number of new mobile malware types jumped 54 percent from 2016 to 2017.1. They can then hijack your mobile device and mine the information it holds or has access to, such as your banking information.

The vulnerability, and the malicious apps, have been reported to Google but the report explains they've found tangible evidence that the exploitation may have affected a number of users already.

Is it time to dispose of my Android device?

Before you calmly walk to the bin and dump your hot malware-ridden device in it, there's no need to be rash. While the researchers said it was not easy to tell whether your device had been affected, it did point to some key indications.

The following signs could indicate an app is affected:

• An app or service that you’re already logged into is asking for a login.
• Permission popups that does not contain an app name.
• Permissions asked from an app that shouldn’t require or need the permissions it asks for. For example, a calculator app asking for GPS permission.
• Typos and mistakes in the user interface.
• Buttons and links in the user interface that does nothing when clicked on.
• Back button does not work like expected.

As always, the best advice is prevention and being informed. It's best to only use trusted apps and check who the supplier is when downloading them from the Play Store. If there are typos or incorrect branding, it may not be the app you think you're downloading. Being mindful of what information you enter into an app is also important to be vigilant of. Unless it's your trusted banking app, it's probably not wise to chuck your details in anywhere.

While it certainly seems like a case of the Boy Who Cried Wolf, the constant stream of Android security alerts should never be dismissed lightly; especially when they come from cybersecurity professionals. Until the next malware alert, stay safe out there.

[Via Ars Technica]