New Android Malware Targets Facebook users
order sans-serif;”>A new malware spreading through Facebook is currently attacking android devices, while masquerading as an innovative security tool. The malicious app is offered to Facebook users through a pop-up notice appearing on their screen, asking them to type in their phone number and operating system. After the details are transmitted to the attacker the victim gets an SMS message with a personal code, along with a link to another website. After reaching that website and entering the code the application is downloaded onto the user’s device. From that moment on the attacker has full access to the mobile device and every last bit of information stored in it.
Fake Facebook notice
One of the most disturbing things about this new malware is the fact that it allows the attacker to access financial applications, conducting even very sensitive operations that require complex identification processes. “In the context of banks, the attacker can bypass the two-stage verification process,” warns Amir Carmi, Director of Support for ComSecure, ESET’s representative in Israel. “This trojan lets me steal the passwords for your banking application, for example, an application that has much higher clearance levels. When I install a banking application only to view this information I can skip that entire process, a process that exists only when verifying even more critical actions, like money transfer.”
iHLS – Israel Homeland Security
This is possible due to the fact that the attacker, in this case, can see the information on the device – including the banking application and the user’s account details – in addition to the SMS that the device owner receives from the bank in order to verify his or her identity.
The link to the malicious application
“Right now it’s used mainly to steal bank account details that require verification, but soon it will probably be used to steal other details as well,” explains Carmi. “The code that enables all these sophisticated activities, called iBanking, is currently distributed through darknet and in underground hacker forums, allowing them to add the code to existing malware. In the immediate future we’ll encounter new malware and trojans using this new method – perhaps with some slight variations.”
Hat Tip: Please visit their informative site: iHLS – Israel Homeland Security
_________________________________________
Get free Citizensjournal.us BULLETINS. Please patronize our advertisers (including below) to keep us publishing and/or DONATE.
