ESET Research
Banking malware on Google Play targets Polish banks
Besides delivering the promised functionalities, the malicious apps can display fake notifications and login forms seemingly coming from legitimate banking applications, harvest credentials entered into the fake forms, as well as intercept text messages to bypass SMS-based 2-factor authentication.
Lukas Stefanko • 11 Dec 2017