Disguising mobile apps is the most prevalent swindling technique deployed by cyber crooks to dupe users. Such Developers typically rely on popular third party apps to distribute malicious apps. For instance crooks attempt to get their apps published on Google play or app store for easy distribution of their spoofed apps. Irrespective of the techniques used to carry out the malpractices, the final motive is to steal user information and earn profit either by selling the sensitive information to the third party or extort the victim.
Recently it was discovered that maleficent developers have evolved a new tactic where the malicious act of stealing confidential information from user phones is carried via SMS. The malware used in this campaign is FakeSpy and is currently known to target Japanese and Korean nations. However everyone needs to be cautious in case the infection expands its reach.
The malware is delivered via hoax SMS. These text messages are masqueraded as legitimate messages from established companies. The text has a malicious link. Recipients unaware of the deceit click on the link which directs them to a malicious web page. Accidental or deliberate click on any button on the web page prompts user to download the malicious app on the cell phone.
If the malware is distributed in Japan, cyber crooks make use of illegitimate apps like transportation, courier, and e-commerce companies, logistics, a mobile telecommunications service, and a clothing retailer.
If the targeted audience is South Korean users, information-stealing malware appears as an app for financial services companies and several local consumers.
Once the malicious app is launched on the mobile device, FakeSpy (a malware program), keeps an eye on the text messages that the victimized devices receive and send it to the C&C(Command & Control) server. The server is under the control of cyber criminals who can misuse the stolen data to carry out extortion against the victim.
FakeSpy Android Malware is configured to carry out the following malpractices:
Apart from the threats mentioned above, FakeSpy also poses a great danger to banking related applications installed on the mobile device. This Banking Trojan counterfeits the UI of the legitimate counterparts persuading users to enter their credentials to upgrade the app to the latest version. This is done to address information leaks and warns the user to lock the account otherwise. The stolen information is sent to the C&C server. Apart from banking apps the malware also targets e-commerce and digital currency apps.
Practicing good security measures can prohibit malware invasion in the mobile devices. This includes:
Subscribe to our newsletter today to receive updates on the Latest News and Threats.
The researchers at Virus Removal Guidelines are dedicated to track down the latest vulnerabilities which may infringe your system security. Our team of expert performs a detailed research about every malware infection before educating our users about the same.
Want to stay informed about the latest threats & malware? Sign up for our newsletter & learn how to get rid of all types of threats from your computer.