KUALA LUMPUR – Cybercriminals have been deploying malicious Android apps parading as e-stores for legitimate Malaysian businesses since late last year to farm sensitive banking details of customers, according to a report released today by cybersecurity firm ESET Research.
The report said the attacks have come from seven fake websites mirroring the websites of six companies offering cleaning services and one pet store, through which customers are then tricked into downloading the malicious apps onto their smartphones.
“The copycat websites do not provide an option to shop directly through them. Instead, they include buttons that claim to download apps from Google Play,” the report said.
“However, clicking these buttons does not actually lead to the Google Play store, but to servers under the threat actors’ control.”
Customers who download the apps will be asked to enable the “install unknown apps” option, after which they are presented with payment options that include credit card and direct bank transfers.
Choosing the direct transfer option will bring victims to a fake FPX payment page listing eight banks – Maybank, Affin Bank, Public Bank Berhad, CIMB, BSN, RHB, Bank Islam Malaysia, and Hong Leong Bank.
However, the FPX page will return error messages after victims input their user IDs and passwords, which are instead sent to the malware operators. The apps also forward all SMS messages received by the victim to the operators, in case they contain two-factor authentication codes sent by the victim's bank, the report said.
ESET researcher Lukáš Štefanko said smartphone users must be vigilant and check that they are browsing legitimate websites, and be circumspect when clicking on ads and paid search engine results.
Android users should also make sure they are redirected to the Google Play Store when clicking on download links, and use mobile security solutions on top of two-factor authentication to secure their devices, Štefanko said.
According to the report, smartphones accounted for 69% of all retail website visits worldwide, and 57% of online shopping orders in the first quarter of last year. It also noted that 53% of smartphone users use vendor-specific apps. – The Vibes, April 6, 2022