SAT News: Android Marcher Malware Steals Financial Info

Marcher is a sophisticated banking malware that steals users' financial information, such as online banking credentials and credit card details. The newest iteration is being disguised as an Adobe Flash player update along with social engineering techniques to trick the user into disabling security features and allowing third-party apps to install.

Upon installation, the malware hides its icon from the menu, contacts the Command and Control server with information regarding the new infection, and then waits for the user to open one of the 40 targeted financial apps. Once a targeted application is opened, the malware quickly displays a fake login page that lures users into supplying their user credentials.

The consistent changes to this malware prove that it is an ongoing threat to Android devices and will continue for the foreseeable future. To avoid being a victim, be sure to only download apps from trusted app stores like Google Play. A checkbox under the "Security" settings of your device will prevent your device from installing apps from "Unknown Sources."

The following is a list of financial apps targeted by the new Marcher variant:









For more information on other types of malware, click here.

Nuspire Insights

Nuspire Infographic

Contact Us


Nuspire Infographic

Contact Us