FakeSpy Android Malware
News | 06/21/2018

FakeSpy Android Information

About: FakeSpy Android malware infects the mobile devices and carries out the maleficent act of stealing confidential information. The malware is distributed via SMS. These text messages are masqueraded as legitimate messages from established compani...  Read More  

| News | FakeSpy Android Information

What is FakeSpy?

Disguising mobile apps is the most prevalent swindling technique deployed by cyber crooks to dupe users. Such Developers typically rely on popular third party apps to distribute malicious apps. For instance crooks attempt to get their apps published on Google play or app store for easy distribution of their spoofed apps. Irrespective of the techniques used to carry out the malpractices, the final motive is to steal user information and earn profit either by selling the sensitive information to the third party or extort the victim.

Recently it was discovered that maleficent developers have evolved a new tactic where the malicious act of stealing confidential information from user phones is carried via SMS. The malware used in this campaign is FakeSpy and is currently known to target Japanese and Korean nations. However everyone needs to be cautious in case the infection expands its reach.

How does the FakeSpy Android malware work?

The malware is delivered via hoax SMS. These text messages are masqueraded as legitimate messages from established companies. The text has a malicious link. Recipients unaware of the deceit click on the link which directs them to a malicious web page. Accidental or deliberate click on any button on the web page prompts user to download the malicious app on the cell phone.

If the malware is distributed in Japan, cyber crooks make use of illegitimate apps like transportation, courier, and e-commerce companies, logistics, a mobile telecommunications service, and a clothing retailer.

If the targeted audience is South Korean users, information-stealing malware appears as an app for financial services companies and several local consumers.

How is the malware dangerous?

Once the malicious app is launched on the mobile device, FakeSpy (a malware program), keeps an eye on the text messages that the victimized devices receive and send it to the C&C(Command & Control) server. The server is under the control of cyber criminals who can misuse the stolen data to carry out extortion against the victim.

FakeSpy Android Malware is configured to carry out the following malpractices:

  1. It adds unknown contacts to the infected device
  2. Resets the victimized device
  3. Steals stored SMS messages and device information
  4. Updates its own configurations.
  5. Sets the device to mute

Apart from the threats mentioned above, FakeSpy also poses a great danger to banking related applications installed on the mobile device. This Banking Trojan counterfeits the UI of the legitimate counterparts persuading users to enter their credentials to upgrade the app to the latest version. This is done to address information leaks and warns the user to lock the account otherwise. The stolen information is sent to the C&C server. Apart from banking apps the malware also targets e-commerce and digital currency apps.

Steps undertaken to forbid FakeSpy Android malware intrusion!

Practicing good security measures can prohibit malware invasion in the mobile devices. This includes:

  1. Make it a habit to download apps from official app stores.
  2. Avoid clicking on suspicious links.
  3. Regularly update credentials. Keep the Device OS and apps up to date.
  4. Keep away from unsolicited messages that demand unwanted urgency.
  5. Inspect for telltale signs of phishing such as grammatical errors or certain characters used to fake a legitimate URL.
  6. Install an authenticated antivirus to detect the entry of the malicious programs on the device.

Hits: 87

Leave a Reply

Your email address will not be published. Required fields are marked *

Did you find the article informative? Yes NO

Get Regular Updates Related to All the Threats

Want to stay informed about the latest threats & malware? Sign up for our newsletter & learn how to get rid of all types of threats from your computer.

Virus Removal Guidelines
Plot No 319, Nandpuri- B Pratap Nagar
Jaipur
Rajasthan 302033
Phone: +91 9799661866