Tuesday, November 5, 2024

All Android users placed on red alert – scary bank bug can empty your account

Must read

A worrying bug is back and becoming its next victim could leave your bank account drained of all its cash. The latest threat, which has been spotted by the security team at Ziperium, is using the so-called “FakeCall” bug to attack unsuspecting Android users. This vicious malware was actually first spotted all the at back in 2022 but it’s now seen a shock resurgence and is more troublesome than ever.

Once installed, the latest version of FakeCall can set about redirecting phone calls with users being put through to scammers when they think they are simply ringing their bank.

Zimperium has confirmed that it works by taking over Android’s call handler setting which then allows cyber crooks to manipulate both incoming and outgoing calls.

What makes this threat so serious is that it works even if the correct number has been punched in on the keypad. Once the call is made, FakeCall simply redirects the victim to unofficial call centres where money can then be stolen and bank accounts raided.

Explaining more about the attack, Zimperium said: “When the compromised individual attempts to contact their financial institution, the malware redirects the call to a fraudulent number controlled by the attacker.

“The malicious app will deceive the user, displaying a convincing fake UI that appears to be the legitimate Android’s call interface showing the real bank’s phone number.”

“The victim will be unaware of the manipulation, as the malware’s fake UI will mimic the actual banking experience, allowing the attacker to extract sensitive information or gain unauthorized access to the victim’s financial accounts.”

This is not an attack anyone wants to fall victim to but there is a way to stay safe. It seems almost all “FakeCall” infections are taking place when users add apps to their devices via unofficial stores or by downloading them from the web.

With little protection from these installation methods, it’s easy for scammers to take advantage.

As long as you stick to Google’s Play Store you should be safe from FakeCall being secretly added to your device.

Before installing anything onto your phone it’s always a good idea to check the permissions you are granting and, if possible, take time to read reviews and look at who has developed the application.

If you don’t want your money stolen, stay alert and be careful which apps you install.

Latest article