The McAfee Mobile Malware Research Team has found Android malware that is targeting customers in Mexico. It acts as a bank application or a security tool that updates users about out-of-service ATMs.
McAfee Mobile Security flags this threat as Android/Banker.BT.
Due to the pandemic, many bank customers rely on quick banking apps and other digital tools to operate their financial data. Banks also advise their users on new money transfers and securities apps to maintain social distancing.
However, cybercriminals use covid-19 preventive changes as a way to bait gullible customers to download applications meant for phishing attacks.
The newly discovered malware posing as a threat detecting tool to prevent fraudulent activities instills a sense of urgency in users. It has the potential to hack and steal authentication codes to access its victim’s accounts. Its goal is to target users with accounts at financial institutions in Mexico.
The attackers distribute the malware through a malicious phishing page. This page behaves like a banking security tip provider, and also contains some copy-pasted information from other credible bank sites.
The page asks users to download the malicious app and use it as a security tool or as an app to help report out-of-service bank ATMs. The criminals might also call the customer to recommend the app, a recurrent crime in Latin America.
The good news is that the malware has not been identified on Google Play yet. McAfee Mobile Security’s tips to avoid getting infected are:
- Do not download any randomly recommended apps, especially if they ask for notification listener permissions.
- Install a security tool or software on your device.
- Read reviews, check permissions, and research bank apps before downloading.
- Try using a token-based 2nd authentication factor application. These are more reliable than SMS authentication.
