{"id":1958,"date":"2016-07-07T14:04:17","date_gmt":"2016-07-07T19:04:17","guid":{"rendered":"https:\/\/www.psafe.com\/en\/blog\/?p=1958"},"modified":"2016-10-24T17:04:45","modified_gmt":"2016-10-24T22:04:45","slug":"new-android-malware-mimics-common-apps","status":"publish","type":"post","link":"https:\/\/www.psafe.com\/en\/blog\/new-android-malware-mimics-common-apps\/","title":{"rendered":"New Android Malware Mimics Common Apps"},"content":{"rendered":"

The newest sensation sweeping European nations isn\u2019t quite as fashionable as pantsuits or as tasty as flakey milk chocolate; it is a new piece of Android malware that is gaining ground in countries like Denmark, Italy, Germany, and Austria. This software takes over apps like Uber and Google Play by mimicking their familiar user interfaces and tricking users into inputting confidential information.<\/p>\n

\"Run<\/a><\/center>
\nThis malware functions by using a particular SMS phishing scheme that sends out links in SMS messages to trick recipients into installing it on their devices. These links have gotten increasingly more deceptive, as some messages are as simple as \u201cWe could not deliver your order. Please check your shipping information here.\u201d After a user clicks on the given link he\/she has, unknowingly, given the malware access to monitor and manipulate the device.<\/p>\n

Once users have clicked on the link, the malware tracks which apps are used most frequently and which are running in the background. If one of those apps (usually WhatsApp, Uber or Google Play) is launched, the malware overlays a phishing page on top of it and then asks the user to input his\/her information. The problem is, the overlay is often \u201cnearly identical\u201d to the original app so it can be very challenging for users to recognize. This overlay is very deceptive because the UI screen is only created when the app is launched, emulating the actual app\u2019s appearance in real time. In this way, the malware can persuasively convince users to input confidential information which then gets sent to the C&C servers.<\/p>\n

\"Run<\/a><\/center>
\nWhile mobile banking apps and other financial apps used to be targeted for access to credit cards and other monetary information, the malware is now mimicking more common apps like WhatsApp, WeChat, Uber, Facebook, and Viber. Because the malware is accessing more \u201cbenign\u201d apps, people are less suspecting these apps will jeopardize their financial information.<\/p>\n

Perpetrators have also used a number of URL shortening services that make the malware harder to detect. FireEye claims that the 30 shortened URLs used to direct users to the malware have been clicked more than 160,000 times. However, the use of these shorteners has made it possible for experts to establish how many different Android devices could possess the malware (Hint: It\u2019s a lot).<\/p>\n

Although this malware is adeptly bypassing Android\u2019s security features, there are a few precautions you can take to make sure that your device is safe. The first is to simply make sure you\u2019re not clicking on links that are from unknown sources or contain vague messages. Be cautious when opening any new text messages or emails. You can also download a supplementary security system, like PSafe Total, for extra assurance that your device is secure. PSafe Total can detect the newest types of malware and give your Android devices unparalleled protection against whatever cybercriminals have in store.<\/p>\n

\"Run<\/a><\/center><\/p>\n
<\/div>\n","protected":false},"excerpt":{"rendered":"

Malware software takes over apps like WhatsApp, Google Play and even Uber in hopes to retrieve confidential information<\/p>\n","protected":false},"author":83,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_crdt_document":"","footnotes":""},"categories":[5],"tags":[1446,210,182,249,1443],"class_list":["post-1958","post","type-post","status-publish","format-standard","hentry","category-security","tag-app-malware","tag-apps","tag-malware","tag-security","tag-social-malware"],"_links":{"self":[{"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/posts\/1958","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/users\/83"}],"replies":[{"embeddable":true,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/comments?post=1958"}],"version-history":[{"count":0,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/posts\/1958\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/media?parent=1958"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/categories?post=1958"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/tags?post=1958"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}