Skip to main content

Technology; New Android Malware Targeting Bank Customers.

By Editor


Researchers have discovered a new Android banking malware that targets Brazil's Itaú Unibanco with the help of lookalike Google Play Store pages to carry out fraudulent financial transactions on victim devices without their knowledge.


"This application has a similar icon and name that could trick users into thinking it is a legitimate app related to Itaú Unibanco," Cyble researchers said in a report published last week. "The [threat actor] has created a fake Google Play Store page and hosted the malware that targets Itaú Unibanco on it under the name 'sincronizador.apk.'"


The tactic of leveraging fake app store pages as a lure is not new. In March, Meta (previously Facebook) disclosed details of an attack campaign that used its platform as part of a broader operation to spy on Uyghur Muslims using rogue third-party websites that used replica domains for popular news portals and websites designed to resemble third-party Android app stores, where attackers put fake keyboard, prayer, and dictionary apps that might appeal to the targets.


Android Malware

In the latest instance observed by Cyble, the fake URL not only impersonates the official Android app marketplace, but also hosts the malware-laced Itaú Unibanco application, in addition to claiming that the app has had 1,895,897 downloads.


Users who install and launch the imposter app from the supposed Google Play Store page are subsequently prompted to enable accessibility services as well as other intrusive permissions that allow the malware to access notifications, retrieve window content, and perform tap and swipe gestures.


Prevent Data Breaches

The goal of the trojan, per the researchers, is to perform fraudulent financial transactions on the legitimate Itaú Unibanco application by tampering with the user's input fields, joining a long list of banking malware that abuse the accessibility API. Google, for its part, has begun imposing new limitations to restrict the use of such permissions that allow apps to capture sensitive information from Android devices.



This is far from the first time the Sao Paulo-based financial services company has come under the radar of financially-motivated threat groups. Earlier this April, ESET revealed a new banking trojan dubbed Janeleiro that was observed striking corporate users in Brazil at least since 2019 across various sectors such as engineering, healthcare, retail, manufacturing, finance, transportation, and government.


"Threat Actors constantly adapt their methods to avoid detection and find new ways to target users through increasingly sophisticated techniques. Such malicious applications often masquerade as legitimate applications to trick users into installing them," the researchers said.


"Users should install applications only after verifying their authenticity and install them exclusively from the official Google Play Store and other trusted portals to avoid such attacks."



#THN


#osutayusuf


Comments

Post a Comment

Popular posts from this blog

UGANDA ELECTORAL COMMISSION TO ELIMINATE NATIONAL IDENTIFICATION CARDS (IDs) FOR 2021 GENERAL ELECTIONS.

By Editor
The elimination of using National IDs (Ndagamuntu) for the 2021 elections should not have come as a surprise. One would be very NAIVE to think that Bobi Wine has not prepared for this in his Business Plan under the RISK section. It is public knowledge that our EC is not independent.  It is also public knowledge that Military Dictator Yoweri Museveni will never lose an election. What stunned us this morning is when we noticed that on social media, people were mocking Bobi with his "get your Ndagamuntu".  We are on record for saying to all Our readers that the National ID is like Apartheid in South Africa. Students of History would know how those IDs were being used to arrest people, deny them jobs, deny them basic services. Consequently, Bobi was not wrong and will never be wrong on the Ndagamuntu. Except the ones attacking him and mocking him forget that in Uganda, now, no National ID (Ndagamuntu), no service.  If you have not been denied registering your child i...
Post a Comment
Read more

President Museveni Praises Soldiers for Torturing Bobi Wine in Arua on August 2018.

By Editor
        President Museveni at the passout of police officers in Masindi Friday https://www.facebook.com/1829407613953796 President Museveni has praised his Special Forces Command [SFC] guards for properly and legally beating National Unity Platform [NUP] presidential flagbearer, Robert Kyagulanyi aka Bobi Wine. “The other day, there was a fracas in West Nile where our young friend Bobi Wine was fighting security people,” Museveni said Friday while passing out police recruits at Kabalye Training School in Masindi district. “I think they beat him a bit and then they came and said a Member of Parliament has been beaten. I said let me study and see how he was beaten. I found the man had been beaten in the right way,” Museveni explained. “This was because…I think this was SFC people who are not police-minded. They are used to doing other things. But somehow they managed to act properly, I was surprised.” When they [SFC] went where this young man was in the room, he had ca...
Post a Comment
Read more

Parliament Urges Government to Provide Shs 4 Billion to Media Houses to Run Awareness Campaign on Tourism in Uganda.

By Editor
Parliament also urged Gov’t to provide additional Shs4Bn to UTB to engage international and national media houses in production of positive media stories for improved destination image, following reports of drop in number of tourists from US, Europe and China visiting Uganda. "The National Development Plan targeted to cumulatively attract 281,760 International Tourist arrivals from US, Europe & China but only 67,252 arrivals were registered by the end of the first half of FY 2023/24. The U.S, Europe & China were key target source for leisure tourist who stay longer than business tourists. However, statistics show that international arrivals from the aforementioned areas have continue to drop. The UTB requires Shs4Bn to engage international & national media houses in production of positive tourism stories to improve destination perception in light of recent controversies that shade the destination in a bad light. However, this has remained unfunded,” said La...
Post a Comment
Read more