Gugi, a new banking Trojan, has found a way of sidestepping Google’s Android defence system and pilfering users’ mobile banking credentials. Gugi creates a bogus overlay screen, then tricks users into handing over log-in details for their accounts.
Android’s 6.0 Marshmallow operating system is designed to prevent this happening, but Gugi has found a way to bypass this. If it doesn’t get what it wants, it goes on to block the device – rather like a spoilt child. While Gugi is so far mostly confined to Russia, it is thought to be spreading rapidly. Another reminder why anti-virus and malware detection programmes for mobile phones are ever more crucial.