Researchers at Slovak security firm ESET said they have found that three malicious Android apps are still targeting the customers of eight different Malaysian banks in a campaign that began late last year.
ESET researcher Lukáš Štefanko told The Record that they don't have information on how many times these apps were downloaded or how widespread the campaigns is. But they found evidence confirming that attackers are still creating fake websites that pose as legitimate services.
Some of the websites are outright copying the original as a way to get people to download the apps. The apps not only steal banking credentials but allow attackers to forward all of the victim's SMS messages to the malware operators in case they contain two-factor authentication codes sent by the bank.
From The Record
View Full Article