Kaspersky discovers new Android malware that steals credit card details

Tuesday 22 August 2017 14:02 CET | News

Security company Kaspersky has discovered a new Android malware that steals victims’ details when they enter them into apps.

The malware is called Fakedtoken and began as a banking trojan that intercepted texts to steal two-factor authentication codes. Kasperskys researchers suspect it spreads via bulk SMS text message to potential victims, asking them to download some pictures, according to Business Insider.

Once installed, it hides its icon and places a covert over banking and miscellaneous applications, such as Android Pay, Google Play Store, or apps for paying for traffic tickets and booking flights, hotel rooms, and taxis. The malware can even intercept SMS messages, thus breaking the two-factor authentication required by some banks to authorise payments and transfers.

The threat of Fakedtoken appears to be largely limited to Russian and ex-Soviet countries, the researchers wrote. Security experts recommend that Android smartphone users should not install apps from third-party sources or download unknown files. By default, Android phones only allow users to install apps from the official Google Play Store.

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: Kaspersky Lab, financial attacks, malware, credit card details, cybercrime, online fraud, Android users, online security, banking trojan
Categories: Securing Transactions | Digital Identity, Security & Online Fraud
Countries: World
This article is part of category

Securing Transactions