Cyble cybersecurity researchers have targeted millions of customers of Itau Unibanco bank in Brazil with a malicious mobile banking app by cybercriminals. Moreover, they reportedly even created a fake Google Play Store page to do this.
Experts state that this is the first big sign that draws attention, given that the Play Store installs applications through the store interface and never gives the user a chance to download the real APK.
The downloaded fake bank application does not need any major permissions during installation. Thus making it harder for antivirus and anti-malware tools to detect it.
Also, as the researchers explain, missing permissions are compensated through the Accessibility Service, giving the trojan everything it needs to bypass Android security protections. The malicious application requests permission to perform gestures, take screenshots and observe user action.
There is also a caveat: Although the fake website has now been removed, a new website may have been created afterwards.
To avoid falling victim to a similar scam, users are advised to never download content from unfamiliar sources, watch out for signs that could lead to a scam (like strange URLs, typos), keep security solutions up-to-date, and use strong passwords and 2FA.
50856
