A new piece of malware for Android devices is programmed to send 1,000 euros to cyberthieves via PayPal in around 5 seconds all without the user being able to stop it.
The malware is disguised as a battery optimization app called Android Optimization and is distributed by third party app stores (so it’s not in the official Google Play store.)
Once installed, the malware asks the user for permission to “Enable Statistics.” This innocent sounding function actually allows the malware, and its creators, to receive notifications when the user is interacting with certain apps, and inspect the content of the window they’re interacting with. In other words, this allows the cybercriminals to take control of the phone remotely when the user opens certain apps. In this case: PayPal, Google Play, WhatsApp, Skype, Viber, Gmail, and some banking apps.
The malware’s most dangerous function gets activated when users open the PayPal app. At that point, if they fell for the “Enable Statistics” trick, the malware takes over and sends out payments to the criminals. This works even if the user has two-factor authentication enabled, because the malware just waits for the user to be logged in.
Watch the video above demonstrating how the malware steal paypal funds.
This should be a warning to all those who download apps from other sources besides the official Google Play app store.
Motherboard
For More Videos:
0 Comments
Share your thoughts!