New Android malware steals Uber credentials

New Android malware steals Uber credentials

New Android malware steals Uber credentials

Earlier versions have impersonated other popular apps.

In a shocking revelation, Quick Heal Security Labs has reportedly detected an Android malware that has been targeting over 232 banking apps including HDFC Bank and ICICI Bank.

The typical recommendations apply-Symantec's advice is to make sure your software is up to date, refrain from downloading apps from unfamiliar sites, pay close attention to the permissions that apps request, make frequent backups, and of course it pitches installing a mobile security app such as Norton.

The gateway for the malware isn't believed to be the Google Play store itself, rather comes from downloading applications from third-party websites, and isn't thought to be widespread. However, this time security researchers warn about new Android malware that uses a sneaky method to steal user credentials, including a phone number or credit card details.

The list also includes mobile passbook apps such as IDBI Bank mPassbook and Baroda mPassbook. According to the report, the app will receive several pop-ups until it finds the way to activate the administrative privileges.

As reported by Symantec, the malware is a version of Android.Fakeapp, an Android trojan that attackers have been using to display advertisements and collect information from compromised devices since 2012.

Which Indian Banking Apps Are Targeted?

Once this is done, the malicious app hides its icon soon after the user taps on it.

Since the malware is able to intercept incoming and outgoing SMS from an infected smartphone, it can bypass the OTP based two-factor authentication on the user's bank account and can misuse the access.

The malicious app keeps on working in the background, checking for any banking or cryptocurrency apps.

Once it identifies an app that it can target, it pushes a fake notification on behalf of the targeted banking app.

The Fakeapp variant in question uses a spoofed Uber app user interface (UI) which appears on the screen of the affected device at regular intervals until it succeeds to trick users into entering their Uber ID and password. It will then ask for login credentials masked as that banking application.

Thankfully, the errant software can not be found on the Play Store and therefore unless you're downloading apps from other sources, which is often not a good idea, you should be safe.

Paul Manafort sues special counsel Robert Mueller, DOJ
Bets on January rate hike in Canada spike on blowout jobs data