Security News > 2022 > April > Hackers Distributing Fake Shopping Apps to Steal Banking Data of Malaysian Users

Threat actors have been distributing malicious applications under the guise of seemingly harmless shopping apps to target customers of eight Malaysian banks since at least November 2021.

"The threat actors use these fake e-shop applications to phish for banking credentials," ESET said.

"The apps also forward all SMS messages received by the victim to the malware operators in case they contain 2FA codes sent by the bank."

"After picking the direct transfer option, victims are presented [with] a fake FPX payment page and asked to choose their bank out of the eight Malaysian banks provided, and then enter their credentials," ESET malware researcher Lukáš Štefanko said.

The ultimate goal of the campaign is to steal the banking credentials entered by the users and exfiltrate it to the attacker-controlled server, while displaying an error message that the entered user ID or password is invalid.

The fake apps are engineered to access and transmit all SMS messages received by the users to the remote server in the event the bank accounts are secured by two-factor authentication.

News URL

https://thehackernews.com/2022/04/hackers-distributing-fake-shopping-apps.html