Android malware steals money fast via PayPal

Friday 14 December 2018 08:55 CET | News

Another malware discovered in November 2018 and masked as a battery enhancement application, called Android Optimization, can steal 1,000 euros in 5 seconds via PayPal.

The malware has been customized by bad actors to send 1,000 euros to cybercriminals using PayPal in around 5 seconds and all this without the user being able to stop it. The malware is being circulated by third party applications therefore making it unavailable in the official Google Play Store.

The malware exploits Google’s Accessibility Services and is intended to assist individuals with disabilities, tricking users into giving the hackers some control of the phone. Cybercriminals take control of the phone remotely when the user opens certain applications, for the most part some being: PayPal, Google Play, WhatsApp, Skype, Viber, Gmail, and some other banking applications.

According to ESET researchers the attackers fail only if the user has insufficient PayPal balance and no payment card connected to the account. The malicious Accessibility service is activated every time the PayPal app is launched, meaning the attack could take place multiple times.

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: Android malware, security, fraud prevention, cyber criminals, gaming apps, PayPal
Countries: World