Trojan:AndroidOS/Banker.M

Guidance for end users

Take these steps to help prevent malware infection on your mobile device

Guidance for enterprise administrators

Apply these mitigations to reduce the impact of this threat. Check the recommendations card for the deployment status of monitored mitigations. 

• Microsoft Defender Antivirus provides detections of the spyware. Customers utilizing automatic updates do not need to take additional action. Enterprise customers managing updates should select the new detection build or newer and deploy it across their environments. If not, we suggest blocking the indicators on your mobile defense system. 
• Use Microsoft Defender for Endpoint on Android, and Microsoft SmartScreen to provide additional protection from connections to the known infrastructure associated with these attacks. 
• Configure site and download checking and app and file checking in Microsoft Defender SmartScreen to block or warn.
• Install apps from registered app stores such as Google Play Store.
• Avoid enabling permissions to unknown apps which are not downloaded from trusted app stores. Do not visit or click suspicious links received from unknown sources as this could lead to the download of malicious apps to the device.
• Turn on cloud-delivered protection and automatic sample submission on Microsoft Defender antivirus. These capabilities use artificial intelligence and machine learning to quickly identify and stop new and unknown threats. 
• Educate end users about preventing malware infections. Encourage end users to practice good credential hygiene.