The CM Security Research Lab found that 100,000 South Korean bank customers passwords are compromised, they are closely monitoring the proliferation of malware.This malware infects users by typical trojan means, and once installed it replaces your banking apps with fake versions that are designed to steal your information.
According to Cheetah Mobile, it can pretend to be a popular game or tool on third party Android markets and fool the user into downloading it. There are dozens of Android markets in Korea.
Once App installed the virus will scan your app list for the official apps of certain banks. If it detects one of these apps, the virus will tell you that your bank app needs to be updated.
If you agree to the update, the official app (latter one) actually gets deleted and is replaced with a convincing copy.
Once the fake app has been loaded, it will ask you to input your certification password. This is a document used to indentify people for the purposes of online banking services, e-commerece, and other government related administrative purposes.
It includes your personal information as well as banking information such as your ID and password. It gives a person wide access to banking and other important services.
Once this password has been obtained, the malware asks you to enter your bank account number, passwords, and finally your bank security card number, which is issued to the user when they create an account. After all this information has been successfully entered, a pop-up window appears with the message "No Wi-Fi connection.
