Several malicious Android apps designed to steal mobile transaction authentication numbers (mTANs) sent by banks to their customers over SMS were found on Google Play. The apps were created by a gang that uses a variant of the Carberp banking malware to target the customers of several Russian banks. Victims are tricked into downloading and installing these apps on their phones via rogue messages displayed when visiting their bank’s website from an infected computer. Kaspersky contacted Google on Wednesday and all CitMo variants were deleted from the market by Thursday.”]