Acecard TrojanShort Bytes: AceCard has become one of the most advanced Android Trojans with severe dangerous capabilities like sneaking into any social or personal account, root permission of your phone and phishing into the banking apps. Kaspersky has some general precautions for Trojans like this, let’s tell you about them.

With AceCard, the world of Android Trojans is seeing a new kind of malware. Cybercriminals release this kind of malware first with the basic functionalities which almost looks non-malicious to the users and the antivirus. After some time, the same trojan gets additional functionalities and becomes more dangerous.

In the last phase of its attack, this trojan launches a massive attack affecting thousands of devices trying to steal banking and credit card information or spying on the devices.

Here is an interesting timeline evolution of the AceCard Trojan on Android:

Acecard Timeline

As you can see in the picture above, it was just a backdoor program when it was released 2 years ago. After almost a year, it began turning on its banking capabilities like overlaying payment pages and modifying the phone to the factory reset. And in the last phase, it began to acquire the root capabilities of the phone.

Also read: This New Linux Trojan Launches Deadly DDoS Attacks at 150+ Gbps

AceCard is an Android banking trojan consisting of several modifications over the time. It performs its function by overlaying mobile banking applications with its own phishing forms that the unsuspecting user would be eager to fill in with their credit card data. Once a user presses ‘Submit’ (or a similar action), the data is stolen.

There are two main reasons which make AceCard deadlier:

  • Unlike other banking Trojans, AceCard is capable of overlaying around more than 30 banking apps
  • It can also be used for Phishing in social networking apps like Facebook, Twitters, Whats app, Skype, and Paypal App and Gmail client.

Here are some of the suggestions released by Kaspersky Antivirus for this Trojan:

1. Pay attention to the apps you install. For example, AceCard doesn’t show anything but the Flash Player logo while running, but that’s the perfect time to recall that there is no Android Flash Player anymore.

2. Don’t download applications from nonofficial stores and even if you are using an official store don’t download apps that you don’t trust and don’t really need. Hackers can bypass Google Play’s security and your new kitty wallpaper app can turn out to be infected.

3. Use a good security solution. Kaspersky Internet Security for Android detects all known versions of AceCard and thus would serve as a good enough protection against AceCard as well as other malware families.

Also Read: What Is the Difference: Viruses, Worms, Ransomware, Trojans, Bots, Malware, Spyware etc?