These apps are generally found in third-party app stores that do not offer the same protection as the Google Play Store-though malware has snuck through the cracks of Google's firewall on several occasions.
The app even bypasses secondary security authentication steps such as OTP generation from the bank, as the app gains right to send and collect all SMSes from the device. If anyone needs further proof of that, Symantec has it, in the form of a warning over a new Android "Fakeapp" malware variant that spoofs Uber, the popular ridesharing service, to cover its tracks.
The list also includes mobile passbook apps such as IDBI Bank mPassbook and Baroda mPassbook. The app icon even resembles that of Flash Player as seen below. Deep linking in Android is a way to identify a specific piece of content or functionality inside an app.
Once an unassuming user installs the malicious app, it will ask the users to activate administrative rights. That makes everything seem legitimate, but in reality, the user's data was transmitted to a remote server.
What makes the malware particularly unsafe is that even if the user denies permission or administrative right or tries to kill the process on the device, "it keeps throwing continuous pop-ups until the user activates the admin privilege", said Mane.
When the user enters the information, it isn't actually providing it to Uber; the malware is using the fake interface to steal the login information from the victim.Читайте также: Spotify hit with $1.6 billion lawsuit
Nevertheless, security experts say that mobile malware hasn't affected many Uber users; it is still advised to remain vigilant and pay more attention to cyber security. Using this method, they will steal the complete information like login ID and passwords.
If anyone of the targeted apps is found on the infected device, the malware will throw up a fake notification screen that leads the user to a login screen, both created to mimic the original app.
"Users are advised to avoid downloading apps from third-party app stores or links provided in SMS and e-mails to keep their credentials safe", Quick Heal Technologies Joint Managing Director and Chief Technology Officer Sanjay Katkar said.
The researchers are now asking Android device users not to download any Flash Player apps as the original Adobe Flash Player was discontinued after the Android 4.1 update.
As an extra precaution, go through the list of permissions every app requests from you during installation.При любом использовании материалов сайта и дочерних проектов, гиперссылка на обязательна.
«» 2007 - 2018 Copyright.
Автоматизированное извлечение информации сайта запрещено.
Код для вставки в блог