Security News > 2022 > September > Fake Indian Banking Rewards Apps Targeting Android Users with Info-stealing Malware
An SMS-based phishing campaign is targeting customers of Indian banks with information-stealing malware that masquerades as a rewards application.
The Microsoft 365 Defender Research Team said that the messages contain links that redirect users to a sketchy website that triggers the download of the fake banking rewards app for ICICI Bank.
"The malware's RAT capabilities allow the attacker to intercept important device notifications such as incoming messages, an apparent effort to catch two-factor authentication messages often used by banking and financial institutions," researchers Shivang Desai, Abhishek Pustakala, and Harshita Tripathi said.
Like other social engineering attacks, familiar brand logos and names are used in the smishing message as well as the rogue app in a bid to give an illusion of legitimacy and trick the users into installing the apps.
The attacks are also a continuation of an ongoing campaign that has distributed similar rewards-themed apps for other Indian banks such as the State Bank of India and Axis Bank in the past.
"Its wider SMS stealing capabilities might allow attackers to the stolen data to further steal from a user's other banking apps."
News URL
https://thehackernews.com/2022/09/fake-indian-banking-rewards-apps.html
Related news
- Hackers steal banking creds from iOS, Android users via PWA apps (source)
- Android malware uses NFC to steal money at ATMs (source)
- New NGate Android malware uses NFC chip to steal credit card data (source)
- Cybercriminals Deploy New Malware to Steal Data via Android’s Near Field Communication (NFC) (source)
- New Android Malware NGate Steals NFC Data to Clone Contactless Payment Cards (source)
- Rocinante Trojan Poses as Banking Apps to Steal Sensitive Data from Brazilian Android Users (source)
- SpyAgent Android malware steals your crypto recovery phrases from images (source)
- New Android SpyAgent Malware Uses OCR to Steal Crypto Wallet Recovery Keys (source)
- Beware: New Vo1d Malware Infects 1.3 Million Android-based TV Boxes Worldwide (source)
- New Android Malware 'Ajina.Banker' Steals Financial Data and Bypasses 2FA via Telegram (source)