Security researchers at FireEye have come across malware capable of stealing private data and banking credentials and granting hackers remote access to the infected device.
Dubbed HijackRAT, the malware comes loaded in a malicious app called Google Service Framework and is one of the most advanced malware apps ever uncovered. Normally, Android malware performs privacy leakage, banking credential theft, or remote access, but this takes Android malware to a new level by combining all of those activities into one app.
The application reportedly steals and sends SMS messages and contact lists, and initiates malicious app updates. It can also scan for legitimate banking apps installed on the victim's device and replace them with fake ones.
FireEye said the malware is currently being used to defraud customers of eight popular Korean banks, but could easily be adapted by the hackers to start targeting European financial institutions. FireEye believes the rapid development cycle used by the hacker building and using the malware indicates it could be a test attack, and that an even more dangerous, evolved version could be on the horizon.