A new Android trojan has the ability to intercept text messages and bypass the SMS-based two-factor authentication system protecting customers' bank accounts. The trojan, detected as "Android/Spy.Agent.SI" is currently targeting customers of large banks via their mobile apps. The malware tricks users into downloading it onto their devices by masquerading as Adobe Flash Player. Upon installation, it requests that the user grant the malicious app administrator rights, before seemingly disappearing from view. Rest assured, however, that while the Flash Player icon might no longer be visible, the trojan is just getting started.At this point, Android/Spy.Agent.SI contacts a remote server hosting malicious APK files whose corresponding URL paths are regenerated hourly in a bid to avoid detection by anti-virus software. The trojan uses this connection to send information about the infected device, along with the package names of installed applications, to its opera...