Android Trojan Steals Your Money to Fund International SMS Attacks
An Android banking Trojan dubbed Faketoken has recently been observed by security researchers while draining its victims’ accounts to fuel offensive mass text campaigns targeting mobile devices from all over the world.
An Android banking trojan, dubbed Faketoken, is draining victim’s banking accounts to fuel offensive mass text campaigns targeting mobile devices from all over the world. Besides using fake logins and phishing overlay screens to steal credentials and exfiltrate mTAN numbers used by banks to validate online transactions, the malware can also generate customized phishing pages targeting over 2,200 financial apps, and can steal device information such as the IMEI and IMSI numbers, the phone number, and more.
“It’s still early days in 2020 and yet we have already seen several concerning mobile app security issues. First, the Shopper.a Android malware that de-activated Google Play Protect and demonstrated that despite their best efforts, we can’t count on Apple or Google alone to keep our mobile devices safe. Then we saw Princeton researchers show that mobile network operators aren’t getting any better at preventing SIM swap scams, which underscored that the carriers aren’t yet capable of protecting us either. Finally, there was the resurrection of the Faketoken Android banking Trojan showing us that attackers still consider mobile banking trojans lucrative. It’s clear mobile fraud and attacks will not abate in 2020, meaning that in particular financial institutions can’t rely on their customers’ mobile devices to be secure. But, of course, banks can’t give up on mobile banking — the mobile experience is becoming the key battleground for differentiation in financial services. By taking a layered approach to mobile fraud prevention, which includes strong mobile app security, user-friendly authentication and continuous risk monitoring, financial institutions can take steps to protect themselves and their customers from the growing threat. Attackers are increasingly investing in attacking mobile devices and apps, and its time financial institutions responded in kind by investing in sophisticated in-app protection and app shielding to harden their apps and empower them to protect themselves in hostile environments.”
– Sam Bakken, senior product marketing manager, OneSpan.