Categories: NewsSecurity

Faketoken Android Malware Can Steal Victims’ Calls, Texts, and Credit Cards

By now, Android users know that they should avoid installing apps from third-party websites and unsolicited download prompts. Those who do not take security seriously end up having to deal with malware that can potentially cost them thousands of dollars. Faketoken, a one-year-old malware strain, recently evolved into a serious security threat, according to Kaspersky Labs.

Faketoken Is No Joke

Faketoken, according to various reports, used to cause low-level infections. It has recently been upgraded by its developers, and now has a better attack mechanism and reaches a lot more people.

Kaspersky researchers were not able to reconstruct the events leading to an infection, but believe the malware sneaks onto smartphones through bulk SMS message campaigns that prompt users to download pictures. Those that do so get infected.

Once on the system, Faketoken obfuscates itself by hiding its shortcut icon. It then remains undetected while monitoring which apps the user opens, which messages are being received, phone calls, and the like, and sends all that information to its command and control (C&C) server.

Notably, the Faketoken malware can put screen overlays on an estimated 2,000 apps to trick users into handing its admins their credit card info. When a user launches one of these applications, the malware substitutes the app’s UI with a fake one. The substitution is instantaneous so the user is completely unaware. The damage can be significant, as all of these apps support linking bank cards. Kaspersky stated:

Related Post

“It should be noted that all of the apps attacked by this malware sample have support for linking bank cards in order to make payments. However, the terms of some apps make it mandatory to link a bank card in order to use the service.”

Since most of these apps require two-factor confirmation through an SMS code, fraudsters complete the process by having Faketoken monitor incoming text messages to catch one-time passwords and redirect them to its server before the user ever sees them.

More Advanced Version to Come

Kaspersky Labs warned that this version of Faketoken is still rather new, and that more advanced versions are to be expected. In fact, those versions may already be out in the wild. To protect yourself against this and other types of malware, be very careful with attachments from unknown sources, do not install apps from third-party sources, and use an anti-malware app.

Faketoken’s screen overlays indicate that the version Kaspersky tested was still unfinished, as it contained formatting errors that would make it obvious to the victim that something is off. Interestingly, the malware has been mainly spotted in Russia and other ex-Soviet countries. The researchers stated:

“To this day we still have not registered a large number of attacks with the Faketoken sample, and we are inclined to believe that this is one of its test versions. According to the list of attacked applications, the Russian UI of the overlays, and the Russian language in the code, Faketoken.q is focused on attacking users from Russia and CIS countries.”

Francisco Memoria

Francisco is a cryptocurrency enthusiast who's lucky enough to be able to write about his passion.

Share
Published by
Francisco Memoria

Recent Posts

Best Altcoins to Invest in Today: Qubetics Sets the Stage for Blockchain’s Future as Bitcoin Hits $108K and Litecoin Soars

The cryptocurrency world has always been a hotbed of innovation, attracting both seasoned investors and…

10 hours ago

Dogecoin Millionaire Predicts This Undervalued Altcoin Could Match DOGE’s 2021 Gains

Dogecoin's 2021 rally was a historic one, turning ordinary investors into overnight millionaires. This magnificent…

10 hours ago

Qubetics Presale Skyrockets to $7.5M as XRP and Arbitrum Lead Best Altcoins for Exponential Returns

The crypto market is always evolving, with big names like Bitcoin and Ethereum leading the…

11 hours ago

Over 300K Users Actively Mine Crypto On BlockDAG’s X1 Miner App While BNB Bulls Eye $3K; What’s XRP’s Price Target?

The crypto market is ablaze with excitement as altcoins like XRP and BNB make major…

11 hours ago

Best Crypto Presale To Buy Now: Rollblock Delivers For Holders With New License, Record Sign Ups and 7000+ Games

Rollblock is quickly becoming the best crypto presale to buy, delivering unmatched value for its…

15 hours ago

Polkadot And Uniswap Gearing For Post-Christmas Jump As Rollblock Raises $7.4 Million in Presale

While Rollblock's continues its crypto presale, with its value increasing regularly, Polkadot (DOT) and Uniswap…

16 hours ago