FakeBank Is Back And Now Blocks Calls To Banks

Advertisement
Advertisement

A few years back, a trojan malware for Android by the name of FakeBank popped up. Back in 2013, the trojan got a hold of people's bank information by tricking users into replacing their official bank apps with fake ones that logged their info for scammers' use, or force-installing the fake apps through a USB connection to an infected computer. The information that was stolen could be used to make fraudulent purchases or even transfer money into the scammer's own account. The malware could be thwarted, like any other case of bank fraud, by calling the bank and freezing the affected account. The trojan is back, however, and this time, you can't do that as a means to stop the damage.

The newest variant of the FakeBank trojan malware is called Android.FakeBank.B, and has been traced as far back as March of 2016. The new malware performs all the same functions of the old one, through the same entry point. It tricks a user into installing a fake banking app, the fake app gets a customer's bank information, then the scammer can use it as they please. This new version, however, adds a special extra touch; it keeps a database of known bank customer service lines that a customer could call to freeze a compromised account, and blocks the user from calling those numbers. Essentially, it sets up a listener on the phone's dialer that looks for any of those numbers. When one is detected, the call is immediately cancelled. The only way to stop the malware is to use another method to contact the bank, then hard reset the device in question to factory settings or reflash the stock firmware, erasing everything on the device.

Since the app depends on a user having an insecure version of their banking app of choice and being tricked into installing an "update" from outside of the Play Store. In order to keep the hack from happening, users should be very mindful of where they get their software, be diligent about keeping apps up to date, and watch permissions for new apps closely. Currently, the malware is only popping up in South Korea and Russia, but with some modifications to the bank database and the fraudulent app, it could easily spread to other parts of the world.

Advertisement