Malware is the worst types of programs that are used to spy on others’ systems via illegal access. As Android is the most popular OS for smartphones, this platform is also the most appropriate one for hacking. FakeBank, an Android malware has been improved to work better at spying. It is a Trojan that overlays a fake login screen on the top of a legitimate banking app.
FakeBank is regarded one of the most creative malware for its working method. It whitelists its process so that it can run even on sleep mode. Additionally, it installed TeamViewer to give full access to remote users. With its new variation, it can intercept phone calls and redirect them to scammers.
FakeBank itself is an innovative one, but the new variation is quite unique on its own. The malware acts just like any other banking Trojan with the new ability. Whenever a user tries to contact with the bank’s phone number, it redirects the call to a scammer’s number. The scammer can easily collect the user’s sensitive information without knowing.
Moreover, the scammer can also call the infected device. The Trojan will show it as a call from the bank, allowing crooks perform their illegal acts without raising any suspicion.
Currently, the new FakeBank variation was spotted in South Korea, according to the report of Symantec researchers. Experts found the Trojan injected into 22 apps that are being distributed by 3rd-party app stores. The links shared via social media are also infected. That’s why it’s the best to follow precautions before you get infected as well.
This indicates the weakest point of Android ecosystem – the app installation process. This is in the hand of the users to make sure that they are installing apps from trusted sources and what permissions they’re giving to these apps. The best practice is not to install apps from other sources and obtain them from Google Play Store only that provides a small scanning of all the apps.
Previously, we also saw such attacks that stole bank credentials from apps. Check out the infamous Man-in-the-Middle attack.