19 August 2017, India:
The attacks of virus, trojans, ransomware and malware attacks have increased tremendously over the past year- latest being called as ‘Faketoken.’
Once on the system, the malware obfuscates its existence, installs itself, hides its icon, and gets to work monitoring which apps are being used and which messages are being received, and it records every phone call, which it then sends to its command and control (C&C) server. Recording phone calls is insidious enough, but that’s not Faketoken’s main objective: Its goals are to steal credit card numbers and intercept two-factor authentication text messages.
The modified Faketoken virus steals all incoming SMS messages by redirecting them to its command and control servers, allowing criminals to get access to one-time verification passwords sent by a bank, or other messages sent by taxi and ride-sharing services.
Faketoken performs live tracking of apps and, when the user runs a specified app, overlays this with its phishing window to steal the bank card details of the victim. The Trojan has an identical interface, with the same color schemes and logos, which creates an instant and completely invisible overlay, ET reported.
“Android’s security problems emerge on a regular basis, despite Google’s many attempts to bring its security to the appropriate level. Developers push new and more secure versions forward, but actual adoption of those secure versions lags behind heavily,” added Altaf Halde, Managing Director- South Asia, Kaspersky Lab.
Kaspersky researchers have also detected ‘Faketoken’ attacks on other popular mobile applications, such as travel and hotel booking apps, apps for traffic fine payments, Android Pay and the Google Play Market. (Image- thenewsminute)