ANDROID owners have been warned that a dangerous malware could be lurking on their phones, disguised as McAfee antivirus software.
Cyber crooks rely heavily on the ability to masquerade as legitimate apps and software in the effort to fleece victims of their data and hard-earned cash.
1
It’s a tale as old as time – or technology.
Cybersecurity experts in NCC Group’s Fox-IT team first spotted the McAfee copycat banking trojan in early 2021.
But hackers have since given the copycat a sophisticated makeover, leaving Android owners more vulnerable than ever.
A banking trojan is malware specifically designed to steal a victim’s financial information.
READ MORE ON ANDROID
The new version of the malicious McAfee lookalike uses a combination of smishing and legitimate app abuse to fool victims.
Mini explainer: Phishing vs Smishing vs Vishing
It can be hard to keep up with all the tech lingo these days – so we’ve broken down the definitions for you.
Phishing: Fraudulent emails and websites meant to steal data.
Smishing: Fraudulent text messages meant to trick you into revealing data.
Vishing: Fraudulent phone calls that lure you to reveal personal information.
According to researchers, attackers first send victims a text warning of an unauthorised payment transaction and share a phone number for the victim to call.
Victims who take the bait are then persuaded to download a compromised version of the McAfee Security app from the Google Play Store.
Google is generally good at weeding out and removing risky apps from its platform, but a small number do slip through the cracks.
Most read in Phones & Gadgets
The app looks legit, but under the hood it is a malware dropper, which downloads various dodgy files onto a device – all without the victims knowledge.
This malware dropper, called Brunhila, delivers three forms of malware that seek to take control of the Android device.
It allows hackers to screen record, log keystrokes, download, upload and delete files, install apps and even click and scroll through the device without even touching it.
If you think you’ve downloaded the dodgy McAfee copycat – delete it straight away.
Always check the reviews for apps – as these can be red flag warnings against downloading specific apps, particularly if there are not many reviews for a supposedly popular app.
And as usual, be vigilant when downloading apps from app stores and through unofficial routes.
iPhone and Android owners urged to use Wi-Fi trick to stop snoopers seeing everything you do – but don’t make common mistake
