1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • This dangerous new Android malware can steal your passwords and 2

    From TechnologyDaily@1337:1/100 to All on Mon May 8 17:45:03 2023
    This dangerous new Android malware can steal your passwords and 2FA codes

    Date:
    Mon, 08 May 2023 16:26:02 +0000

    Description:
    Multiple apps are distributing an infostealer that targets victims in Eastern Asia.

    FULL STORY ======================================================================

    Cybersecurity experts from Check Point Research recently discovered a new malware campaign targeting Android users in Easter Asia. In the campaign, the threat actors built mobile apps that mimicked actual solutions and tried to trick people into downloading them.

    Those that would fall for the trick would end up giving sensitive personal data, such as passwords and banking details, to the hackers.

    The researchers dubbed the malware FluHorse, reporting its operators have
    been active for a year now. The criminals would try to distribute the malware via email, sending phishing emails to high-profile targets telling them to download an app and sort out a pending payment problem. Low effort

    Some of the apps being distributed through these email messages are Taiwanese toll-collection app ETC, VPBank Neo, a Vietnamese banking app, and an unnamed transportation app. The legitimate versions of the first two apps have more than a million downloads, while the third one has 100,000 downloads.

    The operators didnt really try to copy the legitimate apps completely, the researchers found, but rather just copied a few windows and mimicked the graphic user interface (GUI). As soon as the victim enters their account credentials and credit card details, the app would display a system is busy message, in an attempt to buy time, as it shares the stolen data with the attackers. Read more

    This dangerous Android malware is seeing a huge rise in infections


    Dangerous new 'Hook' Android malware lets hackers remotely control your
    phone


    Check out the best malware protection software right now

    The apps are also capable of intercepting multi-factor authentication (MFA) codes, as well.

    The common denominator for all email-borne Android attacks is that they all invite the victim to urgently download an app from a third-party repository, which would then ask for plenty of permissions. To stay safe, its best to use common sense - emails from legitimate companies rarely have urgent requests, and would not have their official apps sitting on shady, third-party repositories. Finally, asking for excessive permissions is a major red flag, as well. Here are the best ID theft protection options around

    Via: BleepingComputer



    ======================================================================
    Link to news story: https://www.techradar.com/news/this-dangerous-new-android-malware-can-steal-yo ur-passwords-and-2fa-codes


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)