Security News > 2022 > April > Android banking malware intercepts calls to customer support
A banking trojan for Android that researchers call Fakecalls comes with a powerful capability that enables it to take over calls to a bank's customer support number and connect the victim directly with the cybercriminals operating the malware.
While the victim sees the bank's real number on the screen, the connection is to the cybercriminals, who can pose as the bank's customer support representatives and obtain details that would give them access to the victim's funds.
Although it's been active for a while, the malware has received little attention - likely due to its limited target geography - despite its fake call feature that marks a new step in the development of mobile banking threats.
The malware developers recorded a few phrases that are commonly used by banks to let the customer know that an operator would take their call as soon as they become available.
Kaspersky researchers say that the malware can also spoof incoming calls, allowing cybercriminals to contact victims as if they were the bank's customer support service.
"These permissions allow the malware not only to spy on the user but to control their device to a certain extent, giving the Trojan the ability to drop incoming calls and delete them from the history. This allows the scammers, among other things, to block and hide real calls from banks" - Kaspersky.
News URL
Related news
- New FakeCall Malware Variant Hijacks Android Devices for Fraudulent Banking Calls (source)
- New Android Banking Malware 'ToxicPanda' Targets Users with Fraudulent Money Transfers (source)
- TrickMo malware steals Android PINs using fake lock screen (source)
- TrickMo Banking Trojan Can Now Capture Android PINs and Unlock Patterns (source)
- Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack (source)
- New Grandoreiro Banking Malware Variants Emerge with Advanced Tactics to Evade Detection (source)
- Russia targets Ukrainian conscripts with Windows, Android malware (source)
- Android malware "FakeCall" now reroutes bank calls to attackers (source)
- Cyber crooks push Android malware via letter (source)