• krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • Hackers Distributing Fake Shopping Apps to Steal Banking Data of Malaysian Users
    Home Malware Hackers Distributing Fake Shopping Apps to Steal Banking Data of Malaysian Users

    Hackers Distributing Fake Shopping Apps to Steal Banking Data of Malaysian Users

    Source Link

    Banking Data

    Threat actors have been distributing malicious applications under the guise of seemingly harmless shopping apps to target customers of eight Malaysian banks since at least November 2021.

    The attacks involved setting up fraudulent but legitimate-looking websites to trick users into downloading the apps, Slovak cybersecurity firm ESET said in a report shared with The Hacker News.

    The copycat websites impersonated cleaning services such as Maid4u, Grabmaid, Maria’s Cleaning, Maid4u, YourMaid, Maideasy and MaidACall and a pet store named PetsMore, all of which are aimed at users in Malaysia.

    CyberSecurity

    “The threat actors use these fake e-shop applications to phish for banking credentials,” ESET said. “The apps also forward all SMS messages received by the victim to the malware operators in case they contain 2FA codes sent by the bank.”

    Banking Data

    The targeted banks include Maybank, Affin Bank, Public Bank Berhad, CIMB bank, BSN, RHB, Bank Islam Malaysia, and Hong Leong Bank.

    The websites, distributed through Facebook ads, urge visitors to download what the attackers claim to be are Android apps available on the Google Play Store, but in reality, redirect them to rogue servers under their control.

    Banking Data

    It’s worth noting here that the attack hinges on the prerequisite that the potential victims enable the non-default “Install unknown apps” option on their devices for it to succeed. What’s more, five of the abused services don’t even have an app on Google Play.

    Once launched, the apps prompt the users to sign in to their accounts, allowing them to place fake orders, following which options are presented to complete the checkout process by including a fund transfer from their bank accounts.

    CyberSecurity

    “After picking the direct transfer option, victims are presented [with] a fake FPX payment page and asked to choose their bank out of the eight Malaysian banks provided, and then enter their credentials,” ESET malware researcher Lukáš Štefanko said.

    The ultimate goal of the campaign is to steal the banking credentials entered by the users and exfiltrate it to the attacker-controlled server, while displaying an error message that the entered user ID or password is invalid.

    In addition, the fake apps are engineered to access and transmit all SMS messages received by the users to the remote server in the event the bank accounts are secured by two-factor authentication.

    “While the campaign targets Malaysia exclusively for now, it might expand to other countries and banks later on,” Štefanko said. “At this time, the attackers are after banking credentials, but they may also enable the theft of credit card information in the future.”

    Related Articles

    Leave a Comment

    techhipbettruvabetnorabahisbahis forumutaraftarium24eduseduseduedueduedusedueduedusedu
    padişahbet
    pin up aviator
    padişahbet güncel giriş
    casinomilyon giriş
    plinko romania
    kingbetting giriş
    betmatik
    neyine giriş
    lüks casino giriş
    betwild giris
    rokubet casino
    vegabet güncel giriş
    rexbet giriş
    biabet giris
    imajbet giriş
    cashwin giris
    biabet giriş
    betwild giris
    sugar rush 1000
    свит бонанза