Name of Malware: Marcher

Type of Malware: Banking Trojan

Affected Operating Systems: Android

Affected Device Types: Mobile phones, smartphones

Impact: medium

What is Marcher?

Marcher is a banking trojan for Android devices.

Banking trojans intercept communication with your bank to access your PINs and TANs. They can therefore cause significant financial damage. In the case of Marcher, text messages containing smsTANs/mTANs are intercepted and passed to the perpetrator.

How did I get infected with Marcher?

One potential route of infection is via another piece of malware, such as a banking trojan like URLZone/Bebloh, that had already infected your Windows PC. When you visit a banking site, for example, this malware opens a pop-up window in your browser with a request to install an additional security application on your smartphone. Alternatively, you may have received a text message containing a link to install the malware.

What do I have to do now?

Do not carry out any further sensitive transactions on your smartphone or tablet. Use a virus scanner for Android devices or reset your smartphone to the factory settings. If you still have concerns about whether the infection has been effectively removed, you should reset the device and reinstall the operating system. Back up your personal data before wiping the system. Once your system has been reset, change all your passwords, as the perpetrators may have been able to access them. If you use Internet banking, contact your bank so that they can implement the appropriate security safeguards.