Beware Google Chrome users on Android, this malware steals your bank details: Here's how to stay safe

Hackers are often looking for ways to enter users’ personal smartphones and gain as much information as possible, with the end goal of looting money or selling the data they acquired. The same is the case with a new malware – Mamont – that has been quietly stealing important information, including bank details and OTPs of individuals who unknowingly allowed it to do so.

Named after the Russian word for a woolly mammoth, ‘Mamont’ is a malware that disguises itself as a popular web browser, slowly gaining users’ trust, and finally stealing crucial data like bank details.

As per a cybersecurity firm, G Data, Mamont impersonates the Google Chrome web browser and tries to access your banking details, among other things. This malware is distributed via phishing and spam messages. Once a user has this malware on his device, he can see two Chrome browsers if he already has the original app installed.

However, unlike Chrome’s original icon on Android, the Chrome app that malware downloads has a black border around it. Also, the app is named “Google Chrome”, whereas, the Google official app is named just “Chrome”. These are the two ways of noticing such malware on your device.

This fake Chrome browser then seeks permission to make and manage phone calls and send and view SMS messages. After granting the required permissions, it falsely sends an alert to users saying that they are selected as the winner of a cash prize. Then, it asks them to input their mobile number and credit card details.

Further, it prompts users to not delete the Chrome app in the next 24 hours to receive the prize money. However, this is when the virus reads through all the important messages, including banking details, and stores them on a Telegram channel. This information is later used to steal money from users’ bank accounts.

Notably, this malware is currently on Android and is spotted in Russia. However, it may not take time to reach other regions. That said, users need to be vigilant and follow a few guidelines to be safe.

How you can stay safe

— The first thing you need to do is refrain from downloading apps from suspicious websites or links shared with you through SMS. Always download apps from trusted marketplaces like Play Store.

— Look for duplicate apps on your phone. Since this malware can impersonate popular apps, you must always check whether or not you have a single app on a phone. There shouldn’t be more than two Chrome apps or other similar apps, unless, you have cloned the apps.

— Try to install the latest updates of the apps from the Play Store, this way if there’s any vulnerability, Google may have already patched it in the latest update. So, it’s always better to update apps to the latest version.