DIGITAL CONTENT CREATOR

Customers of eight Malaysian banks have had their online banking credentials stolen via a bogus Android app posing as a housekeeping service.

Initially noticed by MalwareHunterTeam last week and later analyzed by security experts at Cyblis, this application is promoted via numerous bogus or copied websites and social media accounts in order to advertise the malicious APK ‘Cleaning Service Malaysia.’

How Does It Work?

As explained by BleepingComputer, when users install the application, they are asked to approve at least 24 permissions, including ‘RECEIVE SMS,’ which is unsafe because it allows the app to keep track and see all SMS texts received on the mobile.

This permission is being exploited to read SMS messages in order to collect one-time passwords and multi-factor authentication credentials used in e-banking applications, which are subsequently transferred to the cybercriminal’s server.

Source

When the fake app is launched, it will prompt the user to fill out a form in order to schedule a house cleaning.

Source

The targets are asked to select a payment method the minute they enter their cleaning service information such as names, physical addresses, phone numbers into the malicious app.

Source

Following that, the victims will be presented with a list of Malaysian banks and internet banking alternatives, which, if selected, will send them to a false login page that looks identical to the real one.

Any financial details provided at this point are delivered straight to the attackers, who can utilize them together with an intercepted SMS code to access the target’s online banking account.

When Do You Know It Is Fraud?

First of all, you can easily spot a fraud scheme by paying attention to the social media accounts promoting these APKs (Android application packages). The fact that they don’t have a lot of followers or likes and that they were recently created should be enough to make you have doubts.

Also, users should pay attention to the provided contact info. Because almost all the fake websites chose legitimate cleaning services to impersonate, differences in phone numbers or email addresses are a major red flag.

Source

Last but not least, the requested permissions. They also suggest that something is wrong because a cleaning service application has no reason to ask for access to a device’s texts.

What Android Users Can You Do in Order to Stay Safe?

  • use only the official Google Play Store to download Android apps
  • always double-check the requested permissions
  • do not install an app that is asking for greater privileges than it should require for its functionality
  • keep your device updated by installing the newest available security updates and using mobile security software from a reputable vendor.

If you liked this article, follow us on LinkedInTwitterFacebookYoutube, and Instagram for more cybersecurity news and topics.

Top 10 Most Dangerous Banking Malware That Can Empty Your Bank Account

Banking and Insurance Cybersecurity in 2021: Threats and Considerations

Did You Know That There Are Various Types of Online Financial Frauds Lurking in the Cyberspace?

Android Permissions Can Be Dangerous: Full Guide to Managing Them

Leave a Reply

Your email address will not be published. Required fields are marked *

GO TO TOP