New Fakebank Trojan Records Android Users’ Calls to Bank
Symantec the security company has issued an alert that one fresh strain of Fakebank the malicious program designed for targeting Android devices is now attacking with a previously unknown twist. Thus it records conversations between an end-user and his bank then diverts the call onto the number of Fakebank's controllers followed with masquerading call from the criminals as that from bank.
Researchers from Symantec write in their blog that 22 applications are contaminated with Fakebank's new strain. The apps had been disbursed via other application stores and also via social networks chiefly in South Korea. During January 2018, Fakebank malware was first observed.
The modus operandi of the Fakebank Trojan involves enticing end-users into entering credentials into fake login pages. Originally, by white-listing itself on Android smart-phones, Fakebank enabled hackers in gaining admission into the devices via TeamViewer. Ibsintelligence.com posted this dated March 19, 2018.
The tricks which Fakebank uses are innovative as well as clever, with the most recent version working exactly as a common banker Trojan; however, there's certain twist in it. This twist is diverting end-users' bank calls onto the scammer's phone, while masking the latter's number to seem as the formers bank.
Fortunately, Android 8 (Oreo) along with its later versions does not let overlaying of the actual caller's identification as part of security measures; therefore, deception in that is ruled out from working.
Symantec researchers explain the APIs as well as associated permission utilized for executing the Fakebank deception are now there all over Android versions. The Trojan uses its version optimally for eschewing end-users' requesting permissions.
Android users must exercise more caution regarding the applications they load as part of other security measures. They must be vigilant about applications served through unauthorized marketplaces, while be careful in examining the consents which an application requests once loaded.
The security researchers advise end-users to maintain software in its updated edition; not download applications from unrecognizable websites as well as solely load applications from trustworthy places; while peruse the permissions which the various applications request. In addition, end-users need make vital data's backups frequently, the researchers urge.
» SPAMfighter News - 3/26/2018
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!