CYBERSECURITY experts have uncovered a dangerous strain of Android malware that can steal your information and money.
The malware, dubbed CherryBlos and FakeTrade, was discovered by cybersecurity firm Trend Micro.
1
They were spotted on the Google Play Store, as well as being distributed on social media and via phishing.
“Trend Micro’s Mobile Application Reputation Service (MARS) team discovered two new related Android malware families involved in cryptocurrency-mining and financially-motivated scam campaigns targeting Android users,” Trend Micro’s report reads.
It’s not shocking that the malware was found attacking Android because hackers often exploit Android open-source software.
Unlike iOS, “it is easy for cybercriminals to infiltrate an Android device using malicious apps,” antimalware company Malwarefox said in a blog.
Malicious apps include malware programs like trojans, adware, spyware, keyloggers, and others
HOW DOES IT WORK?
This specific malware uses fake overlays and optical character recognition (OCR) technology to discreetly collect data.
Fake overlays are an attack technique in which part of an application design is covered by a fake screen that the users believe is real.
Users may then may enter information that hackers can swipe, such as passwords and credit card numbers.
Most read in News Tech
In addition to this, the malware uses also OCR, a feature found in many PDR editors that allows programs to extract text from images and photos.
However, with this malware, hackers use OCR to steal passwords from screenshots stored on victims’ smartphones.
In the case of OCR, the malware is first spread through malicious apps that are downloaded from app stores.
And once a user installs the app, it will begin taking screenshots of the victims’ screen’s display.
These screenshots are then sent to the malware’s command and control server, where the OCR technology is used to extract the text.
HOW TO STAY SAFE
There are a few things you can do to protect yourself from malicious apps like this.
First of all, only download apps from trusted sources. Just because an app is on the Google Play Store, doesn’t mean it’s safe.
It’s important to also use a password manager as this is the most secure way to store all of your passwords.
This also makes it much more difficult for malware to steal your passwords.
Lastly, be careful about what you screenshot – you should never screenshot passwords, credit card numbers, and other personal information.
