Fakeapp Trojan Attacking Android Application of Uber

It is since ages that the Trojan Fakeapp, which targets Android phones, has been known to contaminate the mobile platform of Google in various incarnations, while a most recent version imitates Uber's interface. Symantec states after uncovering the latest version, having examined several before this that the Trojan emerges within regular intervals on-screen, trying to dupe the user into entering his password and phone number. On hitting the enter key by the user, it transmits his login details onto one distant server from where they're maliciously used.

However, providing an imitation of the log-in page of Uber isn't all the Fakeapp variant does. For, it gives the victim an artificial sense of safety as also for not letting him become suspicious followed with resetting his password frequently enough, the Trojan even installs one page from the real application which displays the victim's location when he hits the enter key. Seemingly, this is done via deeply connecting to certain Web address within the legitimate app which triggers off Ride Request process utilizing the victim's location to start with.

Specifically, for disguising the theft of login credentials, Fakeapp utilizes deep web-links leading onto Uber's real application for exhibiting the victim's immediate location - that seems like the victim is trying to reach the Uber application rather than any sinister fake.

Deep web-linking channels end-users towards specific content inside any particular application. Within the current instance, Symantec discovered cyber-criminals utilized deep web-links for picking the actual location details of a rider of Uber vehicle. Gizmodo.com posted this, January 4, 2018.

Fortunately, Uber riders in vast number aren't endangered. The Trojan takes up the guise of Uber application, which isn't there on Google Play Store, but it needs to be taken down from some other source. A limited number of users are possibly within countries speaking Russian language. According to a spokesperson of Symantec, the company doesn't expect the kind of application getting widely distributed.

Yet, as a fair reminder to end-users, they mustn't take down applications from untrustworthy places rather be consistent with Google Play while also not expect malevolent applications to be sophisticated.

» SPAMfighter News - 1/9/2018