The base source code for a really nasty Android-based family of trojan viruses was released into public forums – for free – in December 2015, and from what we are hearing this family of viruses is on the rise on devices.
The GM Bot viruses (also called SlemBunk, Bankosy, as well as MazarBot) are a type of trojan with a primary goal, at this point, to gain your banking and financial data, credentials, etc. though on top of all of that can ‘root’ and wipe your device (meaning you would loose all your pictures, music, everything – basically “Bye Bye”). Additionally, what makes this trojan so nasty is that it can forward your phone calls, intercept SMS/Text messages, etc… which just makes it that much easier for these criminals to bypass any two-step authentication that you may have setup with your banking firms, or other sites to guard against identity theft type situations like this.
How-to Protect yourself
- Make sure you have a good (meaning they have a good team of developers) Anti-Virus software installed and running that is up-to-date. Avast, the anti-virus software we prefer and recommend for all devices (including Windows PCs, Android and Macs), has had the MSIL: Banker-GM [Trj] included in the definitions since February 13, 2016 and included with virus definition update 160213-0.
- Never open attachments that you don’t know who they are from, or that you were not expecting. Also, be very cautious of links in SMS/text messages and emails. Keep in mind, even responding to these messages asking if the person meant to send it, the hacker could intercept the message and send something back saying “Of course” or something to make you think that your friend sent it.
- In your Android settings, make sure under Security>Unknown Sources>”All installation of applications from both trusted and unknown sources.” is turned OFF. (in Android 5.x it is under “Lock screen and security”). Turning this off only allows app installs from the Google Play store.
- Avoid unknown and unsecured Wi-Fi hotspots, “public” Wi-Fi hotspots, and generalized hotspots like “xfinitywifi”, “att”, “linksys”, etc, as these can easily be “spoofed” and used by phishers, or other maliciously intended people, to gain your information with you just freely and unwittingly giving it to them.
Get avast! Anti-Virus Mobile (SSL encrypted link)
Sources: cited/linked directly in article