Android banking malware SlemBunk is part of a well-organized campaign
An Android Trojan that targets mobile banking users has evolved into a sophisticated, persistent and hard-to-detect threat, suggesting that it is part of a well-organized attack campaign.
Researchers from security firm FireEye first documented the Trojan in December and named it SlemBunk. Once installed, it starts monitoring the processes running on the device and when it detects that a mobile banking app is launched, it displays a fake user interface on top of it to trick users into inputting their credentials.
The Trojan can spoof the user interfaces of apps from at least 31 banks from across the world and two mobile payment service providers.