Imagine if you called your bank after discovering fraudulent activity on one of your accounts, and the person on the other end was a hacker. Well, that’s exactly what’s happening to victims of this update Android banking trojan.
According to reports peepee computera new version of the FakeCall Trojan is currently circulating online. The malware, first discovered by cybersecurity firm Kaspersky in 2022, uses voice phishing (or vishing), overlay attack Other tricks to make the victim believe they are actually on the phone with someone at the bank.
Late last year, CheckPoint my report It warned that FakeCall has gained the ability to impersonate more than 20 different financial organizations. But since then, its capabilities have gotten even more powerful, and the malware is now able to hijack both incoming and outgoing calls from your network. best android smartphones.
Here’s everything you need to know about this banking Trojan and tips and tricks to protect yourself from hackers and the malware they use to attack you.
Hijacking of incoming and outgoing calls
Like most banking Trojans, FakeCall spreads by: malicious app Usually sideloaded to the victim’s cell phone. In previous versions of this Trojan, users would call their banks from within these malicious apps, from where the hacker would impersonate a bank employee and display the bank’s number in a fake overlay during the call, allowing the hacker to was preventing intrusion.
But this new version of FakeCall, analyzed by cybersecurity researchers at Zimperium, uses new tricks to appear even more convincing. The malicious app used to spread this malware sets itself as the phone’s default call handler instead of overlaying it on top of the legitimate app. This is done by exploiting Android accessibility services After installation, victim will be asked to approve it.
The hackers behind this campaign are able to hijack both incoming and outgoing calls by gaining full control over the call handler of an Android phone. To make this look more legitimate, a fake calling interface is used that copies the real Android dialer and displays the names and information of the victim’s most frequently contacted contacts.
When a victim tries to call a bank or other financial institution, FakeCall hijacks the call and redirects it to a phone number controlled by the hacker. Victims believe they are talking to a bank employee over the phone who may request sensitive information, but they are actually talking to a hacker. Hackers record everything they say to use in subsequent attacks or even to commit fraud.
In addition to this new feature, this latest version of FakeCall has several other upgrades. These include the ability to live stream what’s on your screen, take screenshots on infected devices, unlock your phone and temporarily turn off auto-lock, and more. With so many new features added to this malware, it is clear that it is currently under active development and its authors are making it even more powerful with each subsequent release.
among them reportZimperium provides further details about the banking Trojan, stating that it has identified 13 malicious apps used to spread FakeCall. However, the company instead of their name signs of compromise (IoC) Located on GitHub. Try to get the complete list of app names. If we are able to obtain it, we will update this article.
How to protect yourself from Android malware
As with many other Android malware, the easiest way to avoid infecting your phone with the FakeCall banking Trojan is to not sideload the app. While it may be convenient to install apps this way, these apps don’t go through the same rigorous security checks as official app stores, so you’re exposing yourself to additional risks. Google Play Storeavailable on Samsung Galaxy Store and Amazon App Store.
If in doubt, don’t install the app as an APK file on your phone. Instead, visit the official app store and search for the app you want to use by name. Google and other search engines are often used by hackers to host malicious ads, so we recommend going directly to the app store and searching for new apps yourself. Similarly, let’s say you want to equally limit the number of apps on your phone. A good app can become bad.
To stay protected from malware and other online threats, you should make sure that Google Play Protect is enabled on your device. This built-in security app scans all new apps you download and existing apps on your phone for malware. However, for even more protection, you may also consider using one of the following: Best Android antivirus app Alongside Google Play Protect.
As long as apps exist, hackers will find ways to exploit and attack them. However, if you avoid sideloading new apps and don’t give unnecessary permissions to the apps you install, you should be safe from hackers. At the same time, it’s always a good idea to: Restart your device regularly Prevent hackers from infecting your phone with malware using zero-click exploits.
FakeCall is still under development, so this won’t be the last time we hear of this banking Trojan being used in a cyberattack.
