The mBank warns smart phone owners with the Android system of a new malicious application. The device may get infected by using authorized application stores or links sent in an SMS message, which may redirect to the Google Play Store or to an unauthorized store.

The malicious application simulates the smart phone's operating system update which results in infecting the device. When an attempt to log into the mBank application is made, the user sees a so-called overlay - an additional window where you normally enter the ID and password to log into the mobile banking system. The above data is transferred to the cybercriminals.

The application's permissions allow to take over control of SMS, which causes taking control over the authorization codes sent by the bank in order to confirm operations.

As per the mBank's information, the application is dangerous in the sense that it can impersonate other known applications or offer new functionalities. Moreover, it can remove its traces in the form of restoring the phone's factory settings.

On its website, the mBank gives tips as to what steps you should undertake should your device get infected.