New Android malware supersedes taxis app to steal

[OyaYansa]

Do you often use apps to order a taxi? If your answer to the question is yes, be very careful: Kaspersky Lab experts have detected malware for Android that pretends to be such apps. It is a Trojan called Faketoken.q and has the ability to steal bank details and spy on victim communications.

The Trojan Faketoken is an old acquaintance of security researchers and has been discovered for years. The updated version that has been detected now has new features that were not available in the original malware and that make this threat

Experts believe that the virus is distributed through SMS with an image to download. Once installed on the terminal, the Trojan remains hidden and begins to monitor everything that happens in the system. It is prepared to spy on all communication and usage habits of the victim: detects and records calls, logs the most used apps, intercepts and hides all messages, etc.

The operation of Faketoken is as follows: the Trojan is passed through the taxi reservation application interface, but you can also do it with other apps that request the introduction of a bank card as payment method, including mobile banking applications, Booking flights and hotel rooms, and even Android Pay or Google Play Store.

To capture the financial data, it asks the victim through the app he / she overrides, and since it records the calls and intercepts all the messages, it also obtains the passwords and codes that are sent by these means.

Fortunately, the number of attacks detected by Kaspersky Lab security researchers is very small and they have only seen it on Russian territory, so they think the Trojan is still in the test phase. However, do not let your guard down, as the initial phase can start at any time and can be extended to other countries of the world very easily.