FakeToken attacks taxi aggregators. Think before you click!
By MYBRANDBOOK
Beware of while booking for a taxi with your favourite Taxi services either OLA or UBER if You’re in a hurry, trying to get to work, a business meeting, a date. So you launch your favorite app for booking a taxi as usual, but this time, it prompts you to enter your credit card number. Does that seem suspicious? It may not - apps forget information, and all you have to do is add your card number again.
However, after some time you notice money disappearing from your account. What happened? You may be the unlucky winner of a mobile Trojan. This kind of malware has been caught recently. Courtesy, FakeToken Mobile Trojan (a backdoor application that gives a hacker full remote access to a victim’s device) that had hit Android users back in March 2012 as a banking OTP/MSTN stealer disguised as a fake banking token generator and then reappeared as a mobile ransomware in March 2016 is back again and this time it is targeting users of famous taxi services including OLA UBER and many more.
FakeToken, further snoops on its victim via recording calls, stealing SMSs & contacts along with other critical user data.
Description
Android/FakeToken. A is a malicious application that pretends to be a security token used as a second factor of authentication in online banking transactions but in fact it is an application that steals banking credentials and executes commands from a C&C server in order to leak sensitive data (SMS messages, contact list) and download/install other applications.
Indication of Infection
• Appears to be a security token used as a second factor of authentication in online banking transactions.
Using the smart phone and smart devices you need to be very much smart enough else it’ll lead up to complete bankruptcy. Cheapest smart phones are not at all secure. Since, the phone manufacturer can’t afford to put those kind of security features and it is easily prone and link into the customer of cyber security. Cybercriminals leverage the fact that everyone has a mobile device today. This mobile trojan is lethal, in that it is able to take full control of the device, and steal critical information like banking credentials, contacts, etc and even record your calls!”
“Don’t give apps more permission than they require, Don’t download apps from untrusted sources and think before you click! These 3 tips should hold you in good stead.”
* Intercepts received SMS with mTANs in order to send them to a remote server.
* Sends the contact list to the C&C server.
* Obtains and sends device information (IMEI, IMSI, phone number) to a remote server.
* Downloads and installs other applications.
Methods of Infection
This malware requires that the user intentionally install it upon the device. Users should never install applications from unknown or un-trusted developers. This is especially true for illegal software, such as cracked applications-they are a favorite vector for malware infection.
Some simple tips for avoiding malware in your smartphone are as follows:
Always check what all permission the app requires the users to allow before installation. Stay cautious with permissions that don't seem legitimate, for instance, if a calculator app wants to access your call logs or messages it is clear that the app wants unnecessary permission and can be malicious. Trust your gut!
Check reviews and ratings given by others users who have installed the application.If the ratings are unsatisfactory it is not preferable to download the app.
Check the number of downloads, if the number of downloads is less than 50k, it may be risky to download the app.
Don’t download apps from unknown sources, they can be infected with data stealing malware hidden behind a genuine looking app. Stay away from pirated apps
Think before you click!
BHIM to join e-commerce, competing with PhonePe and Google Pay
The government-supported payment software BHIM is getting ready to join t...
The latest version of X helps prevent deepfakes on social medi
To combat deepfakes and shallowfakes, Elon Musk revealed a new update t...
India and Namibia collaborate on a payment system similar to U
Once operational, the platform will enable digital transactions in Namibia,...
Sebi issues show-cause notices to six Adani group firms
Sebi issued show-cause notices to six Adani Group firms, including Adani ...
SAMSUNG INDIA ELECTRONICS PVT. LTD.
RELIANCE JIO INFOCOMM LTD.
CENTRE FOR DEVELOPMENT OF TELEMATICS
NUMERIC INDIA, A Group Brand Legrand
Technology Icons Of India 2023: Dr. P D Vaghela
Dr PD Vaghela serves as the Chairperson of Telecommunications Regulato...
Technology Icons Of India 2023: Vijay Shekhar Sharma
Vijay Shekhar Sharma is an Indian technology entrepreneur and billiona...
Technology Icons Of India 2023: Anil Kumar Aggarwal
Anil Agarwal is an Indian billionaire businessman who is the founder a...
BSE provides highly secure, efficient and transparent market for trading
BSE (formerly known as Bombay Stock Exchange Ltd.) is Asia's first & t...
STPI encouraging software exports from India
Software Technology Parks of India (STPI) is an S&T organization under...
NPCI leading India towards Digital payments
The National Payments Corporation of India (NPCI) is an initiative tak...
Crayon Software Experts India Pvt Ltd
Crayon helps its customers build the commercial and technical foundati...
M. TECH SOLUTIONS (I) PVT. LTD.
M.Tech is a leading cyber security and network performance solutions ...
SAVEX TECHNOLOGIES PVT. LTD.
Savex Technologies is the 3rd largest Information & Communication Tec...