Hackers Can Intercept Bank Security Texts with New Android Bug

Hackers are able to intercept the security text messages banks send to online banking customers' phones to validate them as they log in.

The messages can be intercepted with malware installed on a smartphone that runs Google Inc.'s Android operating system, Computerworld reported Tuesday.

The malware, a version of the SpyEye bug, complements its PC version to steal banking data across channels, according to the security vendor Trusteer Ltd., which announced the discovery of the new malware variant.

"The desktop portion of SpyEye captures the username and password," Amit Klein, Trusteer's chief technology officer, told Computerworld.

The ability to intercept text messages "was the piece that was missing," he added.

Fraudsters that have infected a user's PC can instruct the user to download the Android malware when they detect a bank is trying to send a security code via text. So far the Android version has been spotted only in Europe and Australia, the article said.

Daniel Wolfe

Director, Data Services, Arizent

MORE FROM AMERICAN BANKER

Payments

The tech trends driving a boom in embedded payments

As AI and digital assets become mainstream, banks are spotting new opportunities to integrate payments with other activities.

By Cheryl Winokur Munk

July 4
Politics and policy

GOP megabill cutting CFPB funding goes to Trump's desk

House Republicans overcame internal divisions to narrowly pass President Trump's tax and spending package Thursday afternoon. The measure would cut the Consumer Financial Protection Bureau's funding level, among other provisions.

By Claire Williams

July 3
Artificial intelligence

How BBVA is using AI to save employees 3 hours a week

A new partnership with Google Cloud will let the Spanish bank offer Gemini to all staff after a successful ChatGPT deployment.

By Melinda Huspen

July 3
Industry News

CoastalSouth's IPO prices at lower than expected range

Atlanta-based CoastalSouth's initial public offering prices at $21.50 a share; Valley National Bancorp announces Lyndsey Sloan will succeed Gary Michael as general counsel; Webster Financial Corporation taps a new chief risk officer and appoints a new board member; and more in this week's banking news roundup.

By Editorial Staff

July 3
Originations

Capital One confirms Discover home equity shutdown

Capital One closed the deal to buy the credit card provider in May and as part of the review process, decided to exit its home equity lending business.

By Brad Finkelstein

July 3
Fintech

Exclusive: BECU acquires EarnUp's generative AI unit

In a rare move for a credit union, the Seattle institution has snapped up the 13-member team that created EarnUp's AI Advisor product.

By Penny Crosman

July 3

	About Daniel
twitter	wolfewriter
mailto	daniel.wolfe@arizent.com
linkedin	daniel-wolfe-5947087