Tech Support
Documentation
Login
Contact Us
Android Malicious Apps Targeting Indian Users
Rohan Timalsina
December 7, 2023 - TuxCare expert team
In recent times, a concerning surge in a new wave of cyber threats, specifically targeting Android users in India, has come to light. Cyber attackers are using crafty social engineering tactics to trick people into installing malicious apps that steal passwords and sensitive data.
Researchers from Microsoft threat intelligence have revealed the modus operandi of this malicious campaign, shedding light on the alarming tactics employed by cybercriminals.
The primary strategy adopted by these attackers involves impersonating legitimate organizations, ranging from banks to government services, to trick users into installing fake apps. Attackers are spreading malicious APK files through messages and creating a sense of urgency by informing users that their bank accounts will be blocked unless they update their permanent account number (PAN) using the provided fake apps.
The Hidden Agenda
Once installed, the malicious app prompts users to enter their bank account info, debit card PIN, PAN card numbers, and online banking credentials. All this data is then sent to the attackers’ command-and-control server and a specified phone number. The app even displays a fake message saying the details are being verified for a KYC update, instructing users not to uninstall the app for 30 minutes. The app can hide its icon, making it run in the background without the user’s knowledge.
What’s more alarming is that the malware asks permission to read and send SMS messages, allowing it to intercept one-time passwords (OTPs) and forward victims’ messages to the attackers via SMS.
Microsoft’s researchers emphasize that to fall victim to these attacks, users must enable app installations from unknown sources outside the official app store.
These mobile banking trojans can seriously jeopardize users’ personal information, privacy, device security, and financial well-being. The attackers often disguise these threats as legitimate apps and use social engineering to trick users into revealing sensitive data.
Safeguarding Against Malicious App Threats
To combat the rise in Android malicious apps, Google has introduced new security features, including real-time code-level scanning for apps not previously scanned. Samsung has also joined the effort by introducing an Auto Blocker option for Galaxy devices, preventing app installations from sources other than Google Play Store and Galaxy Store.
To protect yourself, always check the legitimacy of app developers, read reviews, and carefully review the permissions requested by apps before downloading. Stay vigilant to ensure your smartphone remains secure from these evolving threats!
The sources for this article include a story from TheHackerNews.
