Faketoken Malware Targets Russian Ride-Sharing Applications

A recent updated version of an Android malicious program called Faketoken.q enables the malware to quite easily capture the credit card details of users of ride-sharing applications. During its assaults, Faketoken reportedly, targets ride-sharing applications used in Russia as it places text boxes onto those pages which contain credit card info and then steals victims' credit card numbers along with vital information of other kinds.

Within one August 17 blog post, Kaspersky the security company elaborately describes the latest Faketoken malware. While being there for a year or so, the malware has now become especially threatening. Upon infecting Android devices, it taps text messages; records phone conversations while seizes data from different applications.

Even worse is that the victim may not really realize the malicious program is actively doing harmful acts on his smart-phone. According to Kaspersky, soon as the Trojan gets activated, the shortcut icon of the malware gets concealed while the malware begins monitoring all calls along with applications the end-user entertains. There is certain overlay mechanism with which information is lifted from 2,000 or more applications among which are Google Play Store's Android Pay; applications used for reserving taxis, flights and hotel lodgings; as also applications for paying traffic tickets. Immediately when those applications are clicked, Faketoken overlays one fake 'user interface' over the real one and asks victims for entering their financial details.

Disguising like one photo application in the infected user's Android phone, the Trojan in particular camouflages to be maximally sneaky. Thereafter, it monitors all the applications of the victimized user while utilizes one Cloak & Dagger like methodology which places interface items on top of active applications. And though the feature has some usefulness within certain cases, it's also perilous within others. Techcrunch.com posted this on the Web, August 17, 2017.

Faketoken is designed for seizing any inbound SMS too followed with uploading them onto command-and control (C&C) systems to help hackers gain access.

For now, Russian users are getting targeted; however, Faketoken assaults valuably reminds that no one must ever take down things online from any unfamiliar sources to avoid the consequences.

» SPAMfighter News - 8/24/2017