Webshelter overview

The Hitachi solution provides malware protection for mobile banking applications.

Point of View

The total amount of damage from illegal money transfers are at it’s worst. Local Banks and Credit Unions have also been targeted. Criminals are shifting targets from PCs to Smartphones and tablets which typically hold more personal information than PCs e.g. Phonebook, Location history, Action history, Banking Addresses, Credit Card information, Passwords.

Falsification app + time lag attack + remote control Illegal money transfer malware with clever methods are beginning to appear e.g. one-time password interception via SIM-swap. SMSZombie is an Android malware that steals bank account numbers and is trending quickly. Infiltration of unofficial App stores and even infiltration of genuine development tools in genuine App stores means that focus is shifting to easier targets.


Example of Malware targeting banking:

  • Install “SMSZombie” from a voluntary site
  • When the app is launched it prompts to DL the ‘Android System Service’ virus
  • A dialog requesting administrative privileges is repeatedly shown until the user presses it
  • A payment for an unauthorized premium service is automatically carried out and the
  • account number and billing details are stolen
  • ‘FakeBank’ poses as a Bank App and steals accounts and passwords
  • ‘Faketoken’ poses as a token app and steals entered passwords

Account and Password Stealing technique:

  • Windows gets infected with Trojan.Droidpak in various ways
  • Installation is repeated until the device has been infected with Android.Fakebank.B
  • When installed, a fake app named ‘Google App Store’ appears

This app deletes the legitimate banking app and installs a malignant app
This fake app steals accounts and passwords

  • ‘iBanking’ is a Malware that steals two-step authentication codes from Facebook
  • Infect PC with ‘Qadars’ in various ways
  • Prompt to install app to mobile device when logging in to Facebook
  • Users who specified their mobile as Android devices are guided to DL ‘iBanking’
  • ‘iBanking’ intercepts SMS sent to the Android device



Business Outcomes

Provides protection against mobile phone Phishing and malware targeted at mobile phone banking.