
Westpac, NAB, CommBank among banks targeted by wicked SMS virus

Image: Getty

Customers of major Australian financial institutions are being targeted by new malicious software spread by SMS messages.

The virus, named Gustuff, contains logos for 189 different Australian banks and insurance firms, according to security firm Cisco Talos. It uses them to build a believable fake screen into which the mobile user will enter their most private details, such as their online banking password.

Cisco Talos presented screenshots of fake NAB, ING and Suncorp login screens to demonstrate how the malware fools mobile users into giving up their personal data.

Fake NAB login mobile login screen. (Image: Cisco Talos)

Commonwealth Bank and Westpac were also named in the list of software packages targeted by the virus.


The malware is downloaded onto a smartphone after the user clicks on a link sent to them in an SMS message. The software then goes through the address book on the phone to send more text messages to other unsuspecting people.

“The concept is that new victims are more likely to install the malware if the SMS comes from someone they know,” wrote Cisco Talos researcher Vitor Ventura.

“Usually, this message targets four or five people at a time. The body contains a message and URL.”

Fake ING login mobile login screen. (Image: Cisco Talos)


The virus, once it takes over the phone, can also defeat two-factor authentication, which many banks use these days for extra security. This is because the criminals behind Gustuff can read any text messages that are received by the handset, including those with one-time authentication codes.

In the same way, the administrators of Gustuff can also see the smartphone’s unlock patterns or PIN.

Because of the amount of phone access this malware has, it not only harvests financial passwords but also enables identity theft.

“This malware also includes features like the theft of users’ contact list, collecting phone numbers associated names, and files and photos on the device,” said Ventura.

Fake Suncorp login mobile login screen. (Image: Cisco Talos)

The latest attack on Australian bank customers comes after thousands of home loan holders had their private data published online following a hack on property valuation firm Landmark White.
