Trojan.Spy.FakeBank Targets Android Users

Trojan.Spy.FakeBank Targets Android Users

Banking Trojans are malicious programs that are used by cyber criminals to obtain private credentials. Their end goal is quite evident – emptying your bank account without your knowledge.

Like all malware, Banking Trojans are quickly evolving. IT security researchers note that mobile malware targeting bank clients is on the rise. Mobile applications appear to be the weak link in plenty of organizations when it comes to security, as a vast paper on the matter recently informed.

In the context of mobile malware, Android users are particularly endangered. Malware researchers reported that FakeBank (identified by researchers as, a malicious mobile application, is attacking Iranian users (.ir).

How Does Trojan.Spy.FakeBank.Ir Sneak into Mobile Phones? is camouflaged as a useful banking application. Once installed on the user’s phone, the app reviews SMS activity, particularly aimed at verification messages from the Iranian Bank, in order to imitate them.

When the victim receives an SMS, FakeBank copies its valuable information. Finally, instead of the initial bank message, the victim receives a malicious one.

FakeBank’s Vastly Growing Family

Symantec has reported that FakeBank was first discovered in October 2013. Users may identify the Trojan infection by its package name (

During the installation process, FakeBank demands permissions to:

  • Reach open network connections.
  • Install various shortcuts.
  • Perform monitoring activities.
  • Read and send messages.
  • Write to external storage devices.
  • Android has explicitly stated “apps must not be allowed to write to secondary external storage devices, except in their package-specific directories as allowed by synthesized permissions.”

    How to Escape the Mobile Trojan Threat?

    As already mentioned, targets Iranian people, precisely the Farsi speaking. Logically, one can assume that being from somewhere else saves them from the malicious mobile attack. Well, not really.

    Experts underline that Banking Trojans usually are designed for certain geographical areas, so no one is secure. In order to keep malware threats away, security professionals share the same opinions.
    The safest place for applications is Google App Store. Only use trusted Wi-Fi connections, especially when doing online banking. And lastly, always ‘scan’ the messages you receive, even the ones from your friends. Malware tends to hide in unsuspected places.